Woburn, MA – September 26, 2019 — /BackupReview.info/ — New research from Kaspersky has uncovered a widespread malicious email campaign aimed at stealing Microsoft user account credentials allowing attackers to access private, corporate information. Executed via an elaborate spam message, these attacks target employees working for large organizations that use business messengers with a function to exchange voice messages and receive voice message notifications through corporate emails.

As is the goal with all spam campaigns, the malicious emails are carefully designed to look and sound legitimate to corporate users. The body of the email typically contains the time the voice message was sent, its duration and a preview of the message in the form of a short phrase such as, “Just checking to remind you in regards to our…”

To listen to the message, the recipient is asked to follow what is actually a phishing link that leads to a fake authorization page of one or several popular Microsoft services such as the login page for an Outlook email client or a basic Microsoft account. Once the user’s credentials are entered, malicious actors capture them and redirect their unsuspecting victim to the real voice message service for the business. This distracts users and leads them to believe the email was merely an innocent promotion of the service.

“We’ve recently observed a significant increase in the number of spam attacks on the corporate sector, ” said Maria Vergelis, security researcher at Kaspersky. “In most cases, they attempt to hack into employees’ emails through missed or undelivered messages to access private corporate information that the accounts could reveal. Obviously, missing an important message is a constant fear for employees of large companies as it can affect vital business processes. Therefore, such attacks are likely to have a successful outcome for fraudsters. The targeted employees, afraid to lose the notification in a huge stream of business correspondence, are understandably tempted to follow malicious links and enter their data. We urge all employers to educate their teams on basic cybersecurity hygiene, to avoid becoming a victim of such scams.”

To protect users and businesses from malicious email campaigns, Kaspersky recommends:

  • Always checking the link address and sender’s email before clicking on anything.
  • Checking if the link address can be seen in the email and is the same as the actual hyperlink (the real address the link will take you to). This can be checked by hovering your mouse over the link.
  • Use a reliable security solution with behavior-based anti-phishing technologies, such as Kaspersky Total Security, to detect and block both spam and phishing attacks, and initiation of malicious files.

Read the full text of the report on Kaspersky Daily – https://www.kaspersky.com/blog/fake-voicemail-spam/28727/

About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.

Media Contact:
Cassandra Faro
Cassandra.Faro@Kaspersky.com
781-503-1812

Source: Kaspersky

 

 

 

General Tags: CEO interviews, online data backup, online backup, online backup news, top rated online backups, online file storage, SaaS, online file backup, data security, online backup providers directory, online backup reviews, backing up online, data storage, online backup companies, compare online backups, cloud computing, online backup services, software as a service

Like us on Facebook




===========================
Do you like this post? Subscribe to our RSS feed ===========================



Share/Save/Bookmark

Related posts:

  1. Cybercriminals Use Smartphone Calendars to Distribute Scam Offers
  2. Kaspersky Lab Finds 1 in 5 Phishing Attacks Target Banks and Financial Institutions
  3. Data Storage Corporation Announces its Expansion into Message Archiving and Analytics with Message Logic Asset Acquisition
  4. Kaspersky Lab Reports: Phishers and Scammers Target the Upcoming FIFA World Cup 2014
  5. Kaspersky Lab Story of the Year 2017: More Than One Quarter of Ransomware Attacks Target Businesses
  6. WinZip® 18 Enterprise Offers Simple and Secure File Sharing for Corporate and Government Accounts
  7. WinZip® 18.5 Enterprise Extends FIPS Security Compliance for Corporate and Government Accounts
  8. HubStor and Red Box Recorders Partner to Bring Voice Archiving Compliance to Microsoft Azure
  9. New Kaspersky Security for Microsoft Office 365 Enhances Protection for Exchange Online
  10. Kaspersky Lab Report Reveals Business Executives Are Exposing Critical Corporate Data While Traveling

Tags: , ,