Today was our first spot of a new phishing variant using voicemail notifications. Many companies now have telephone systems that send an email notification, some also including sound file attachment, when a voicemail message is received. This hoax email pretends that the recipient has received a voice message and refers to “Microsoft Office Voicenote”. This isn’t something that actually exists, but would sound legitimate enough to a regular computer user who was familiar with OneNote and perhaps used Office 365 for email and file sharing. We would expect that this would trick a high number of users in an organisation so it’s important that people are aware of this and know to ignore it.
Interestingly, the message we saw looks to have been generated from a hacked WordPress website and the link offered to listen to the message is hosted on the same site. WordPress sites are widely used, but unfortunately very few are well maintained and those that aren’t regularly updated or managed by experts are frequently compromised by hackers and use for phishing scams.
Here is an example of the text in one of the fake voicemail notices that we have received.
MS Office Voicenote secured
Voicenote Notification for: email@example.com
Voicenote Date: 12/28/2018 09:23:44 am
You received a new Voicenote: V0ICE701-606-8937.Wav (53 KB) from +1 396 883 9****
You can listen to your Voicenote [V0ICE701-606-8937.wav (33sec)] below:
*Note: Voice Messages might be deleted few minutes after the reception of this message.
Microsoft Voice message notification for Itbuilder