Office 365 passwords are at risk from voicemail phishing
Posted by Chris Wheeler on 05/02 at 10:00 AM Office 365,
Office 365 at risk from voicemail phishing

With cyber criminals finding varied means to discover our online passwords, we should not be surprised when they come up with another novel tactic for breaching our defences.


Researchers have discovered a new group of phishing emails that are being sent to personal and work email addresses with an attached voicemail file.


It looks like a normal email from a well-known telecoms company, but includes an attachment that looks like a sound file. However, it just opens a web page for you to preview, list or save the audio file to your computer.


When you visit the site, which is a clone of the Office 365 login page, it asks for your password. Once you enter your password, it states the password is incorrect to thwart suspicious users who put in a dummy password. Anyone who then puts in their official password gives hackers access to their account.


Once they have submitted their passwords, they are directed to a web page which has a link to a sound file from a random list of individuals, mostly elderly men and women, for the user to ignore. In the user’s mind, the elderly person has made a mistake or doesn’t have the ability to use a voicemail system properly.


For businesses using Office 365, there is the option to use two-factor authentication, so users must use their email and secondary application to log into their account, but some companies may not have enabled this feature which leaves them open to risk.


This type of phishing scam is making the rounds and IT administrators are working hard to educate their staff and update firewall settings to identify the attachments.


If your IT team hasn’t enabled two-factor authentications within Office 365, then show them this blog. It may change their mind and keep your business passwords safe.


Contact me directly to find out more about Office 365, or visit our Office 365 blogs to read more articles.

Posted by
Chris Wheeler's avatar
Chris Wheeler on 05/02/2019

A man with a passion for all things Microsoft, Chris has joined our team to provide exceptional levels of service in the cloud space and licensing projects.

Primarily Office 365 focussed, Chris comes with a wealth of knowledge and has worked with a number of large businesses on their cloud journey and software asset management lifecycle. If anyone needs advice or awareness about anything Microsoft related, Chris is the guy to speak to.

Chris is currently focussing on completing his BSc in computing & IT part time, and along with playing football at the weekend and learning Polish he says “It’s so good to get back to work on a Monday!”

Contact: chris.wheeler@swcomms.co.uk

Contact us now

Send us a message