We’re seeing this phishing attack over and over this week.
Your first clue that something is wrong is it doesn’t look like voicemail emails you might typically receive. Unless you have a brand new voicemail/phone system these shouldn’t change format!
The second clue is that it’s an HTML file. That should make you wonder.
It’s actually quite clever because as an HTML file, it opens in your webbrowser, which then connects to a webserver and executes code from that website. The actual attachment itself doesn’t have any bad code, so your basic antivirus will PASS it. It’s the website it takes you to that does the harm.
The nasty business is that it takes you to a Office 365 login page, harvests your login details and uses those to cause more harm.
IF YOU SEE IT, DON’T OPEN THIS ATTACHMENT
We have been able to identify enough common elements in this to be able to block it for all organisations using KARE for Security. If you want to reduce your risks, check out our Cyber-Security solutions or come to our next webinar on April 13