Attend IT Limited Blog

Phishing Attacks Masquerading as VoIP Voicemails

Phishing Attacks Masquerading as VoIP Voicemails

Think of how easy it is to trick a human. Entire industries are centered around it. Just think about the flashy magazines at the checkout counter promising us perfect summer bodies if we just follow Channing Tatum’s simple 30-step breakfast routine. These magazines sell. They wouldn’t exist if they didn’t work. Phishing works for hackers, and it works extremely well, and they are constantly making it harder to not get tricked.

Just a quick recap: what is phishing? Phishing is when a quote-unquote hacker sends you an email disguised as a legitimate email from someone else.

Usually a phishing email might look like your bank trying to get you to log in to check your statement, or PayPal telling you that there was a recent charge they want you to look into. Phishing attacks can also be very personal and specific, like an email from your CEO asking you to quickly move some funds to a certain bank account or authorizing a payment.

The hacker will spoof the email in a way to make it look legitimate - the email would have all of the logos and header and footer information that, at a glance, makes it look real. When the user falls for the trap though, they end up providing sensitive information to the hacker. It’s one of the leading cybersecurity threats in the playing field right now. 

Phishing attacks are annoying, and they trick a lot of users, and this latest one even made me double take.

The Fake Voicemail Phishing Attack

Most modern phone systems, especially VoIP phone systems, have a convenient feature that will email you voicemails. That way, you can check them easily from your email instead of dialing into your phone. I like this feature a lot--it gives me one less place to check for communication--and I already spend a lot of time in my email. It’s really handy to be able to listen to a voicemail message directly from my inbox on any device.

That said, hackers have figured out that a lot of businesses use this feature, and now they are crafting phishing emails to look like voicemails.

The email comes in very much like it would from your phone system. The subject line will say something like “New Voicemail from: (555) 555-5555” (but with a real number) and attached will be a file that looks like it could be an audio clip of the voicemail.

Be very wary of this. That file could contain malware. Some of these emails also contain links or buttons to click on to download the voicemail. These could lead to sites that might try to steal your information or infect your computer with malware. In other words, if you get one of these, don’t click on anything or download anything.

How to Tell the Difference Between a Real Voicemail and a Phishing Attack?

This is where things get tricky, because hackers are going to continue to experiment and try to increase the accuracy of this spoof.

Right now, the best way to ensure that you don’t fall for fake voicemail phishing attacks is to ensure that your REAL voicemail get labeled in your inbox.

Depending on your VoIP system, your voicemail emails will come from a specific email, and have a specific subject line. You’ll want to filter these emails so you know they are legit, and when you get one that doesn’t get labeled as a voicemail, you know you should be suspicious.

Look for your previous voicemail emails. Note the email address they come from and the subject line.

  1. In Gmail use these steps:
    Click on the Gear icon and go to Settings
  2. Click Filters and Blocked Addresses and scroll down and click Create a New Filter.
  3. Enter in the From email and a part of the subject line that is consistent across all of your voicemail emails (typically this will be something like “new voicemail from” or something similar).
  4. Click Create Filter
  5. On the next screen, choose what you want to do to make it stand out. Personally, I star it, and apply a label called Voicemail
  6. Click Create Filter once more and it will save. 

In Outlook: 

  1. Create a rule by right-clicking a legitimate voicemail email and go to Rules > Create Rules…
  2. Set the From to the email address your voicemails come from, and enter a part of the subject line that is consistent across all of your voicemail emails (typically this will be something like “new voicemail from” or something similar).
  3. In the Do the Following section, check Move Item to Folder and select a folder (or create a new folder called Voicemail.
  4. Ok.

This will hopefully weed out most fake attempts, but you still need to be very vigilant and make sure you know what you are clicking on and downloading. If you are getting a lot of spam and phishing emails, we are here to help. Just give us a call at 020 8626 4485 to see what your options are.

Tip of the Week: How to Keep Your Wireless Printer...
Taking a Look at the Problems Behind Smartphone Ad...

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Network Security Business Computing Tip of the Week Cloud Productivity Best Practices Data Backup Data Recovery Hackers Disaster Recovery Managed IT Services communications Privacy Hosted Solutions VoIP Backup Data Malware Business Continuity Business Small Business Innovation Outsourced IT IT Support IT Services Email Software Mobile Devices Cybersecurity Computer Internet Cloud Computing Efficiency Phishing Productivity IT Support BDR Saving Money Hardware Business Management Ransomware Automation Information Technology Smartphone Upgrade Server Internet of Things Managed IT Mobile Device Management Managed IT services Covid-19 Collaboration Microsoft Compliance BYOD Mobility Smartphones Network Meetings Workplace Tips Risk Management User Tips Budget Avoiding Downtime Managed Service Provider Gadgets Quick Tips Save Money Mobile Device Windows 7 Communication Wi-Fi Artificial Intelligence History Spam Wireless Managed Service Virtual Private Network Hosted Solution Users Computers Google Remote Computing Firewall Employee-Employer Relationship MSP Remote Work Password Cost Management Training Human Resources Passwords Data Management Marketing Telephony Recovery Paperless Office Manufacturing Personal Information Big Data Saving Time Automobile Data Breach IT Service Data Security Time Management Devices Telephone Systems Router Windows 10 VPN Hybrid Cloud Android Microsoft Office End of Support Software as a Service Employer-Employee Relationship Remote Workers Conferencing Printer Document Management Business Technology Hard Drives Content Filtering Maintenance Printing Solid State Drive Wireless Internet Machine Learning Redundancy Tech Term Computing Value Audit Networking Instant Messaging Bandwidth Managed Services Administration Business Telephone Upgrades Data Loss Gamification AI Streaming e-waste Fiber Optics Wireless Technology Business Intelligence Office Telephone Azure Shadow IT Analysis Virtual Assistant Professional Services Workers Monitoring Remote Mobile Office Blockchain Outsource IT Backup and Disaster Recovery Chromebook Smartwatch Colocation Computer Repair Antivirus Government Cybersecurty Dark Web Money Windows Server 2008 App Bitcoin SMB Active Directory Proactive Alexa for Business Travel Management Printers Development Black Market Lifestyle Transportation Break/Fix Window 10 Cleaning Smart Tech Vendor Hacker Holiday Project Management Students Workstations Utility Computing Customer Service Downtime Education Employees Flexibility SaaS Managed IT Service Work/Life Balance Spyware Proactive IT Finance Private Cloud Windows Server Vulnerability Regulation Social Media Information Online Storage OneNote Hacking Financial Technology Mobile Computing Remote Working Applications Help Desk Phone System IoT Going Green iPhone Application Connectivity Windows 10 Cybercrime Data Protection Entertainment Samsung Unified Communications Copier E-Commerce Nanotechnology WPA3 PCI DSS Facebook Copiers Office 365 Apple Infrastructure Operating System Disaster Customer Relationship Management Save Time Smart Technology Wasting Money Two-factor Authentication Evernote Streaming Media Laptop Advertising HIPAA intranet Remote Monitoring Payment Cards File Storage Regulations Compliance Browser Voiceover Internet Protocol Update User Error Videoconferencing The Internet of Things Encryption Electronic Medical Records Voice over Internet Protocol Legal Word Leadership Virtualization Amazon Mobile Content Filter Cost Commerce Company Culture Video Conferencing Social Engineering Payroll Hard Drive PC Humor Cast Edge Access Control Computer Fan Safety Credit Cards Search Business Strategy Identity Theft Windows Ink Device Security Twitter Biometrics Hard Disk Drive Shortcut Sales Virus Audits Projects Miscellaneous PDF Troubleshooting Best Practice Politics Cortana Charger Bring Your Own Device Facebook Privacy Policy How To Consultant Google Docs Vendor Management Ciminal Memory Admin Computer Tips Managing Stress Emergency FAQ YouTube Worker Commute Google Maps Scam Computer Forensics Hyperlink Excel USB Books Retail App store Solutions Television CrashOverride Updates Innovations Apps CRM Emails IT Solutions Experience Identities Internet Service Provider Relocation Adobe Wireless Charging Procedure Server Maintenance Inventory Current Events HBO Microsoft Excel Law Enforcement Myths Computer Care Holidays Gmail Wasting Time Virtual Reality Websites Mobile Security Video Games Tablets Microsoft Word Text Messaging Keyboard Webinar WIndows Server 2008 Legislation 5G Worker WannaCry Organization Google Drive Investment Communitications Touchscreen File Sharing Keyboard Shortcuts Reputation Threats Unsupported Software Identity Chrome OneDrive Scalability WiFi Data Storage Tech Support PowerPoint Accessory Security Cameras Processor iOS Sync Gifts Data Theft Medical IT Health NFL Display Reviews Alert Micrsosoft Office Tips IT solutions Patch Management Music Comparison Language Workstation Root Cause Analysis Battery Licensing Testing ROI Hosted Desktop IT Management Storage Net Neutrality Work Scams Data Privacy Sabotage Internet Exlporer Unified Threat Management Screen Mirroring Computer Accessories Fraud Peripheral Benchmarks HaaS Windows eCommerce Settings eWaste Google Assistant Co-Managed Services Digital Signage Windows 10s Outlook Analytics Specifications Telework Robot Augmented Reality Point of Sale Camera Windows Server 2008 R2 Smart Devices Sports IT budget Financial Employee Social Managed Services Provider