When we think of a phishing email, the image we may have is of an email with links that, when clicked, lead to a spoof website. Whilst this is true much of the time, phishing emails also come in the form of malicious attachments. This week’s scam post is an example of just that type of phishing email.
The Voicemail Scam Email
The email we received in this week’s scam has the title “You have a New Telephony network message”. This type of message is quite a common one in the era of the virtual office. The use of managed office services means that company owners may often receive a voicemail message in an email from the virtual office.
This makes this form of scam a feasible option for a cybercriminal. In other words, the recipient may well be expecting such an email and not think before opening the attachment, so these types of scams are more likely to get a positive result for the fraudster.
What Happens if You Click to Download the Attachment?
Our phishing email attachment was a .html file and not an actual voice recording. Voicemail recording file formats are normally something like .wav, .au or .MP3. When clicked, the .html file opens to show a spoofed form asking for a password. If you enter a password, it will be stolen and used for other nefarious deeds. Cybercriminals recognise that users often reuse passwords for a variety of online accounts.
In another, similar form of the scam, clicking on the ‘voicemail’ attachment will download malware to your computer.
Where we’ve added the red blocks is actually where the scammer had sneakily included the name of the organisation they were targeting, to try to add to the authenticity of the email.
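The attachment pattern described above (an HTML file where an audio recording is expected, carrying a password form) can be checked automatically before a message reaches the inbox. The following is an added example, not part of the original post; the function names, addresses and file names are assumptions made for illustration, and the sample message is constructed.

```python
from email.message import EmailMessage
from html.parser import HTMLParser
from pathlib import PurePosixPath

AUDIO_EXTS = {".wav", ".au", ".mp3"}  # formats the article names for real voicemail
HTML_EXTS = {".html", ".htm"}

class PasswordFieldFinder(HTMLParser):
    """Records whether the markup contains <input type="password">."""
    def __init__(self):
        super().__init__()
        self.found = False
    def handle_starttag(self, tag, attrs):
        if tag == "input" and (dict(attrs).get("type") or "").lower() == "password":
            self.found = True

def check_attachments(msg):
    """Return {filename: [reasons]} for attachments matching the scam pattern."""
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        ext = PurePosixPath(name.lower()).suffix
        reasons = []
        if ext in HTML_EXTS or part.get_content_type() == "text/html":
            reasons.append("HTML attachment, not an audio recording")
            finder = PasswordFieldFinder()
            finder.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            if finder.found:
                reasons.append("contains a password input field")
        elif ext not in AUDIO_EXTS:
            reasons.append(f"unexpected file type {ext or '(none)'} for a voicemail")
        if reasons:
            findings[name] = reasons
    return findings

def build_sample():
    """Constructed sample message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "voicemail@virtual-office.example"
    msg["Subject"] = "You have a New Telephony network message"
    msg.set_content("You have a new voicemail. Open the attachment to listen.")
    form = '<form><input type="email" name="u"><input type="PASSWORD" name="p"></form>'
    msg.add_attachment(form, subtype="html", filename="VoiceMessage.html")
    msg.add_attachment(b"RIFF....WAVE", maintype="audio", subtype="wav", filename="message.wav")
    return msg

if __name__ == "__main__":
    for name, reasons in check_attachments(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

The genuine-looking .wav attachment passes, while the HTML file is flagged twice: once for its type and once for the password field.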
Tips to Avoid Being Scammed
Be aware of phishing emails: The tell-tale signs of a phishing email, in whatever form it takes, should be part of your company training for all employees. Signs such as:
- Does the sender’s email address look legitimate?
- Are there grammatical errors and other signs of poor composition? In our example above, the title was “You have a New Telephony network message”, which had an errant space between “New” and “Telephony”, and the case of the letters was mixed.
- Does the content of the email look realistic and represent the brand it purports to be?
- Is it personalised using your name in the salutation or generic?
Always log in directly to an account: Never click links or download voicemail attachments if you are unsure of the origin of the message. Go to your virtual office account directly and log in from there to access messages.
Email phishing messages like this are regularly used as bait by fraudsters. Stay cyber-safe by being security aware.
Why not help your colleagues stay safe and send them this little reminder? Feel free to edit or copy/paste the advice below:
The Voicemail Scam
A scam email is doing the rounds. The email contains a ‘voicemail’ from your company virtual office or similar account. Be very cautious about any emails you receive with such attachments, especially if that attachment is an HTML file or similar. Clicking on this attachment will take you to a spoofed form which requests a password. If you enter a password, it will be sent to a cybercriminal for possible use in other online accounts you own.
DO NOT download any attachments from this email.
Don’t forget to share this with your colleagues and friends and help them stay safe.