With workforces largely remaining partially or fully remote, employees continue to rely on tools for greater efficiency and productivity. Attackers have found a new way to target employees working from home: distributing voicemails within an email that look as if they were generated by old-fashioned telephone systems called Private Branch Exchange (PBX).
A large number of remote workers have already fallen victim to the above-mentioned cyberattack. According to findings made by email security firm IronScales, voicemail phishing attacks (also known as “vishing”) have reached almost 100,000 inboxes across the globe within hundreds of companies across all industries, including real estate, oil & gas, engineering, IT, healthcare, financial services and more. Let us show you how you can get prepared and protect your workforce.
What is the Goal of the “new voicemail message” Phishing Attempt?
According to IronScales, this is being done with the intention of coercing remote workers into presenting sensitive information—such as Microsoft Office credentials—in order to access the newly-arrived voicemail. These stolen credentials could be leveraged on enterprise websites and platforms to gain access to more valuable information within platforms such as SharePoint, Microsoft Teams and E-Mail. Additionally, the threat actors could also pull information garnered from the voicemails for further social engineering attacks.
How Does it Appear to Attacked Users?
In this example, the “new voicemail message” email looks legitimate because of the images and text in the body of the email. The message displays an “official” Microsoft software logo along with text stating the message comes from a “trusted source.” The scammers take the scam one step further by adding additional content in the email. Some versions of the email scam have a portion of a voicemail transcribed in the email. “Please contact me ASAP about…” is an example. The goal is to convince the recipient that he/she has a new voicemail recording that is too large to send directly via email and to convince the recipient to click on the link in order to enter their credentials. Once the user clicks the link, it will download malware onto their computer or redirect them to a fake credentials form to fill out.
Advice for Companies With or Without Remote Workers
Any company that automatically sends voicemails to employee inboxes, with or without remote workers, remains at considerable risk of falling victim to voicemail phishing attacks. While remote workers do increase the risk even further, any company relying on legacy systems such as PBX should be cautious.
The first step is to make employees aware that such a threat exists. Following this, the right technology can provide a sufficient shield against the threats posed to in-house and remote workers. For instance, software such as an email firewall or Microsoft's M365 Security can examine the background of potentially fraudulent emails, automatically marking them as phishing attacks if and where necessary.
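The lure traits described above (a voicemail notice, Microsoft branding, a “trusted source” claim and a link to retrieve the recording) can be turned into a simple triage check. This is an added example, not code from IronScales, Microsoft or SoftwareONE; the trusted-domain list, the patterns and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Assumption: link hosts this illustrative check accepts for Microsoft-branded mail.
TRUSTED_SUFFIXES = ("microsoft.com", "office.com", "office365.com")
LURE = re.compile(r"\bvoice\s?(mail|message)\b", re.I)
TRUST_CLAIM = re.compile(r"trusted (source|sender)", re.I)
BRAND = re.compile(r"microsoft|office 365|m365", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def body_text(msg):
    """Concatenate every text/* part of a parsed message."""
    out = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            out.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(out)

def off_brand_links(text):
    """Return link hosts that are not a trusted domain or one of its subdomains."""
    hosts = {(urlparse(u).hostname or "").lower() for u in URL.findall(text)}
    return sorted(h for h in hosts if h and not any(
        h == s or h.endswith("." + s) for s in TRUSTED_SUFFIXES))

def triage(raw):
    """Return the lure indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    text = msg.get("Subject", "") + "\n" + body_text(msg)
    hits = []
    if LURE.search(text):
        hits.append("voicemail-lure")
    if TRUST_CLAIM.search(text):
        hits.append("trust-claim")
    bad = off_brand_links(text)
    if BRAND.search(text) and bad:  # claims Microsoft, links elsewhere
        hits.append("brand-link-mismatch:" + ",".join(bad))
    return hits

# Constructed sample message (not a real captured email).
SAMPLE = """\
From: "Voice Service" <pbx@example.net>
Subject: New voicemail message from +1 555 0100

Microsoft Office 365: this message is from a trusted source.
Transcript: "Please contact me ASAP about..."
Listen here: https://voicemail.example.net/play?id=1"""
```

A message that trips all three indicators is a candidate for quarantine or analyst review; a voicemail notice on its own is not, since legitimate PBX notifications share that trait.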
Since these attack campaigns are low effort for cybercriminals to automate, voicemail phishing attacks will continue to grow in frequency and complexity over the next year. Microsoft 365 will continue to be a repeated target of this type of occurrence because of its large user base. It’s no secret that phishing attacks can be enormously costly (in the billions of dollars) and destructive, and new scams are appearing every week. According to the annual report of the security firm GreatHorn, 33.9% of white-collar professionals report credential theft attempts bypassed their email security tools, while 32% saw business services spoofing attempts in their inboxes.
Phishing attacks will continue to exploit users within your organization. Aside from practicing good cybersecurity hygiene, your only other defense is to educate your workforce and carefully monitor email traffic. With an experienced cybersecurity expert like SoftwareONE, you are able to detect, block and respond to these attacks. We will help you to protect your Microsoft 365 environment.