The phishing email
appears to come from the legitimate voicemail vendor, RingCentral but includes
a Microsoft logo (no doubt, to make the user associate Microsoft with this
process – more on that in a moment).
Using subjects such as Voice:Message, Voice Delivery Report, or PBX Message, these emails contain another email as the
attachment (to avoid detection by email scanning security solutions) containing
the actual phish (shown below).
The user is then prompted to click a link to Listen to the voicemail. In reality, the link takes the user to a spoofed Microsoft login page where they are promoted not once, but twice to logon (likely to ensure the passwords typed match so the cybercriminals can be certain the account details are correct).
The user is then prompted to click a link to Listen to the voicemail. In reality, the link takes the user to a spoofed Microsoft login page where they are promoted not once, but twice to logon (likely to ensure the passwords typed match so the cybercriminals can be certain the account details are correct).
As a nice touch, once the logon has completed, a generic voicemail does play – probably to throw users off the scent of this being a scam.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.