Print this Page

Microsoft 365 Users Targeted with Fake Voicemails

3/9/2022

In a new scam, cybercriminals attack Microsoft 365 users with malicious files disguised as voicemails. The scam works by sending an email with a voicemail file attached. The filename ends in “mth.mp3”, appearing to be a legitimate MP3 file. However, the file is actually a malicious HTML file that has been disguised using right-to-left override (RLO) functionality.

RLO was created 20 years ago for languages that read from left-to-right instead of right-to-left. Unfortunately, cybercriminals now use this functionality to make malicious files look safe. For example, in this scam, cybercriminals use RLO to display “mp3.htm” as “mth.mp3”. If you open the file, you will be taken to a fake Microsoft 365 login page instead of a voicemail. Then, any credentials that you enter on the fake login page will go straight to the cybercriminals.

Follow these tips to stay safe from similar scams:

• Never click links or download attachments in an email that you were not expecting.

• Before you share any sensitive information online, make sure that the website is legitimate. For example, an MP3 file should never take you to a login page. If you’re uncertain, navigate to the website directly.

• Before you share any sensitive information online, make sure that the website is legitimate. If you’re uncertain, navigate to the website directly before sharing any information.

• Remember that cybercriminals can use more than just links within emails to phish for your information. Always think before you click!

The KnowBe4 Security Team

KnowBe4.com

Fraud and Scams



« Return to "Money Talk Blog"
Comments
No comments have been posted yet.
Post Comment

(Only last initial will display on comment)

(Not displayed on Comment)




Security Code:
What's this?
Go to main navigation