Attackers have devised a new phishing campaign that distributes emails that seem to be generated by Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings, according to Ironscales. In mid-May, Ironscales uncovered what has since evolved into a massive, global phishing trend where attackers use custom subject lines to spoof the voicemail email as if it is coming from a PBX integration. This has threatened nearly 100,000 mailboxes around the world, reaching enterprises across multiple sectors. Unlike many emails, these do not bear an actual malicious payload, which would trigger a detection, the emails can bypass secure email gateways and eludes the DMARC authentication protocol.
Voicemail Phishing Scam Targets WFH Employees
Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics