Voicemail Scam Steals Microsoft Credentials

Attackers are using an oft-used and still effective lure to steal credentials to key Microsoft apps by sending emails notifying potential victims that they have a voicemail message, researchers have found. A team from Zscaler ThreatLabZ has been monitoring a campaign since May that targets key vertical industries in the United States with “malicious voicemail-notification-themed emails in an attempt to steal their Office365 and Outlook credentials,” researchers said in a blog post published recently. Both the emails and the credential-stealing page appear to be coming from legitimate entities, tactics that aim to dupe victims into falling for the ploy, they said. In fact, Zscaler itself was one of the organizations targeted in the campaign, which researchers said is similar to one that ThreatLabZ discovered in July 2020. This gave ThreatLabZ particular insight into how the campaign works. Other victims of the latest campaign include organizations in specific U.S. verticals, including software security, the military, security solution providers, healthcare and pharmaceutical, and the manufacturing supply chain, researchers said. While the tactics in the campaign are far from novel, threat actors appear to be taking an “if it ain’t broke, don’t fix it” approach to stealing credentials as a way to access corporate networks, noted one security professional. The sad fact is, they still work, and as long as that’s the case, attackers will still leverage them, Erich Kron, security…