Scammers are now faking voicemail notifications to steal Office 365 login credentials

Security researchers have found a new phishing campaign that leverages fake voicemail messages to trick victims into stealing their Office 365 email credentials. The scam — uncovered by cybersecurity firm McAfee — made use of fraudulent email attachments, which when opened, redirected users to a phishing website that siphoned the login information with an aim to impersonate staff members and gain wider access to internal systems. A number of employees, from middle management to executive level staff employed across different verticals such as services, finance, IT services, retail, and insurance, were targeted in what the researchers call a whaling campaign.…

This story continues at The Next Web

source https://thenextweb.com/security/2019/10/31/scammers-are-now-faking-voicemail-notifications-to-steal-office-365-login-credentials/