Scammers Trying to Steal Office 365 Credentials with Fake Voice Mail Messages
(October 30 & 31, 2019)
Researchers at McAfee have detected a phishing campaign that uses voicemail messages to try to trick recipients into disclosing their Office365 account access credentials. Targeted individuals received email messages telling them they had missed a phone call and asking them to log into their Office365 account to retrieve the message.
Editor’s Note
[Neely]
This is a good time to remind users of legitimate password recovery options to help them make good choices for these sorts of emails. Also make sure that your email service anti-phishing and anti-malware services are enabled to block or quarantine these types of attachments.
Read more in:
– securingtomorrow.mcafee.com: Office 365 Users Targeted by Voicemail Scam Pages
– www.govinfosecurity.com: McAfee: Malicious Voicemails Target Office365 Users
– www.bleepingcomputer.com: New Office 365 Phishing Scams Using Audio Voicemail Recordings
– threatpost.com: Fake Voicemail/Office 365 Attack Targets Enterprise Execs
-Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc