Attackers have devised a new phishing campaign that distributes emails that seem to be generated by Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings, according to Ironscales. In mid-May, Ironscales uncovered what has since evolved into a massive, global phishing trend where attackers use custom subject lines to spoof the voicemail email as if it is coming from a PBX integration. This has threatened nearly 100,000 mailboxes around the world, reaching enterprises across multiple sectors. Unlike many emails, these do not bear an actual malicious payload, which would trigger a detection, the emails can bypass secure email gateways and eludes the DMARC authentication protocol.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
