Microsoft Voicemail Service Users Targeted with Phishing Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Nov 08, 2022 04:47 am PST

It has been reported that security researchers are warning of a new phishing campaign that abuses Microsoft Dynamics 365 Customer Voice to trick recipients into handing over their credentials. Dynamics 365 Customer Voice is a “feedback management” tool from Microsoft designed to make it easier for companies to collect, analyse and track in real time customers’ perception of their products and services. One feature allows customers to interact and leave feedback via the phone.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Paul Bischoff
Paul Bischoff , Privacy Advocate
November 8, 2022 1:01 pm

This attack demonstrates why it’s important to never click on unsolicited links or attachments. Even though the original link is a legitimate Microsoft URL, it directs users to a phishing page. If you insist on clicking on a link, be sure to keep an eye on the URL in your browser, which might differ from the URL displayed by the link after a redirect. Note that even if a website has “https” in its URL, it is not necessarily safe. A majority of phishing sites now have valid SSL certificates that allow them to use https. Instead, you must check the spelling of the domain name.

Last edited 1 year ago by Paul Bischoff
Chris Hauk
Chris Hauk , Consumer Privacy Champion
November 8, 2022 12:48 pm

The bad actors of the world continue to innovate when it comes to phishing links. The method used in this phishing attack is particularly dangerous, because the attack uses legitimate links from Microsoft that eventually lead to the phishing link after the user has been lulled into a false sense of security. Following this method, the bad guys make it difficult for organisations to properly educate their employees and executives.

Last edited 1 year ago by Chris Hauk

Recent Posts

Would love your thoughts, please comment.x