Cybercriminals are trying to trick Microsoft Dynamics 365 Customer Voice users into giving up their login credentials with a new phishing campaign, experts warn,
A report from Avanan revealed that threat actors will send a notice E-mail Through Dynamics 365 Customer Voice, which states that the customer left a voice message. Because the email itself is so much like a critical voicemail from a customer, and the link is legitimate, clicking on it is the “natural step,” the researchers said.
Dynamics 365 Customer Voice is Microsoft’s customer relationship management (crmsA tool that companies use to survey customers, monitor and organize customer feedback, and transform feedback data into actionable insights. Moreover, businesses can use it to interact with their customers over the phone. The data generated through these interactions is stored, which is what fraudsters try to take advantage of.
Nobody forbids Microsoft
But the “Play Voicemail” button actually redirects victims to a phishing landing page that looks almost identical to a Microsoft login page. Users should try to log in, their own Credentials (Opens in a new tab) You will end up in the hands of scammers.
“Hackers are constantly using what we call a static highway to reach end users,” the researchers explain. In short, it is a technology that takes advantage of legitimate websites to bypass security scanners. The logic is as follows: Security services cannot completely block Microsoft – it would be impossible to get any work done. Instead, these links from trusted sources tend to be trusted automatically. This created a way for hackers to insert themselves.”
The researchers added that the way legitimate services are being misused to distribute malicious messages is gaining a lot of traction lately, saying they have seen Facebook, PayPal, QuckBooks and others being misused for this purpose.
“It is very difficult for security services to detect what is real and what is intrinsic behind a legitimate link. In addition, many services see a known good link, and do not scan it by default. Why scan something good? That’s what hackers hope for.”
The attack is relatively complex due to the fact that the actual phishing link does not appear before the final step. “It will be important to remind users to see all URLs, even when they are not in the body of an email,” they caution.