Attend IT Blog

Attend IT Limited has been serving the Brentford area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Phishing Attacks Masquerading as VoIP Voicemails

Phishing Attacks Masquerading as VoIP Voicemails

Think of how easy it is to trick a human. Entire industries are centered around it. Just think about the flashy magazines at the checkout counter promising us perfect summer bodies if we just follow Channing Tatum’s simple 30-step breakfast routine. These magazines sell. They wouldn’t exist if they didn’t work. Phishing works for hackers, and it works extremely well, and they are constantly making it harder to not get tricked.

Just a quick recap: what is phishing? Phishing is when a quote-unquote hacker sends you an email disguised as a legitimate email from someone else.

Usually a phishing email might look like your bank trying to get you to log in to check your statement, or PayPal telling you that there was a recent charge they want you to look into. Phishing attacks can also be very personal and specific, like an email from your CEO asking you to quickly move some funds to a certain bank account or authorizing a payment.

The hacker will spoof the email in a way to make it look legitimate - the email would have all of the logos and header and footer information that, at a glance, makes it look real. When the user falls for the trap though, they end up providing sensitive information to the hacker. It’s one of the leading cybersecurity threats in the playing field right now. 

Phishing attacks are annoying, and they trick a lot of users, and this latest one even made me double take.

The Fake Voicemail Phishing Attack

Most modern phone systems, especially VoIP phone systems, have a convenient feature that will email you voicemails. That way, you can check them easily from your email instead of dialing into your phone. I like this feature a lot--it gives me one less place to check for communication--and I already spend a lot of time in my email. It’s really handy to be able to listen to a voicemail message directly from my inbox on any device.

That said, hackers have figured out that a lot of businesses use this feature, and now they are crafting phishing emails to look like voicemails.

The email comes in very much like it would from your phone system. The subject line will say something like “New Voicemail from: (555) 555-5555” (but with a real number) and attached will be a file that looks like it could be an audio clip of the voicemail.

Be very wary of this. That file could contain malware. Some of these emails also contain links or buttons to click on to download the voicemail. These could lead to sites that might try to steal your information or infect your computer with malware. In other words, if you get one of these, don’t click on anything or download anything.

How to Tell the Difference Between a Real Voicemail and a Phishing Attack?

This is where things get tricky, because hackers are going to continue to experiment and try to increase the accuracy of this spoof.

Right now, the best way to ensure that you don’t fall for fake voicemail phishing attacks is to ensure that your REAL voicemail get labeled in your inbox.

Depending on your VoIP system, your voicemail emails will come from a specific email, and have a specific subject line. You’ll want to filter these emails so you know they are legit, and when you get one that doesn’t get labeled as a voicemail, you know you should be suspicious.

Look for your previous voicemail emails. Note the email address they come from and the subject line.

  1. In Gmail use these steps:
    Click on the Gear icon and go to Settings
  2. Click Filters and Blocked Addresses and scroll down and click Create a New Filter.
  3. Enter in the From email and a part of the subject line that is consistent across all of your voicemail emails (typically this will be something like “new voicemail from” or something similar).
  4. Click Create Filter
  5. On the next screen, choose what you want to do to make it stand out. Personally, I star it, and apply a label called Voicemail
  6. Click Create Filter once more and it will save. 

In Outlook: 

  1. Create a rule by right-clicking a legitimate voicemail email and go to Rules > Create Rules…
  2. Set the From to the email address your voicemails come from, and enter a part of the subject line that is consistent across all of your voicemail emails (typically this will be something like “new voicemail from” or something similar).
  3. In the Do the Following section, check Move Item to Folder and select a folder (or create a new folder called Voicemail.
  4. Ok.

This will hopefully weed out most fake attempts, but you still need to be very vigilant and make sure you know what you are clicking on and downloading. If you are getting a lot of spam and phishing emails, we are here to help. Just give us a call at 020 8626 4485 to see what your options are.

Tip of the Week: How to Keep Your Wireless Printer...
Taking a Look at the Problems Behind Smartphone Ad...
 

Mobile? Grab this Article!

Qr Code

Tag Cloud

Technology Security Business Computing Productivity Network Security Cloud Best Practices Tip of the Week Business Managed IT Services Data Data Backup Data Recovery Hackers IT Services IT Support Innovation communications Hosted Solutions Disaster Recovery Software Backup Privacy VoIP Cybersecurity Malware Mobile Devices Small Business Efficiency Internet Saving Money Email Business Continuity Computer Cloud Computing Phishing Collaboration Hardware Business Management Outsourced IT Microsoft BDR Automation Information Technology User Tips Ransomware Productivity Smartphones IT Support Compliance Internet of Things Users Workplace Tips Workplace Strategy Quick Tips Smartphone Server Artificial Intelligence Communication Upgrade Risk Management Wi-Fi Mobile Device Management Network Managed IT Mobility Managed IT services Budget Training Spam Meetings Employee-Employer Relationship Covid-19 Gadgets Passwords BYOD Managed Service Provider Google Save Money Wireless Password Mobile Device Networking Human Resources Remote Avoiding Downtime Document Management Android Printing Information Windows 7 Remote Workers Social Media Microsoft Office VPN Remote Computing Chrome History Hosted Solution Router Instant Messaging Firewall Content Filtering Computers Data Management Cost Management Windows 10 Project Management MSP Monitoring Managed Service Virtual Private Network Help Desk Time Management Remote Work Video Conferencing Laptop Marketing Recovery Telephone Systems Government End of Support Hacker Personal Information Hard Drives Solid State Drive Current Events Encryption Battery Automobile Telephony Big Data Two-factor Authentication Audit Office Employer-Employee Relationship Value Saving Time Data Breach Data Storage Data Security Mobile Software as a Service Conferencing Redundancy Maintenance Devices Tech Term Proactive Computing Wireless Internet Hybrid Cloud Business Technology Printers IT Service Machine Learning Paperless Office Backup and Disaster Recovery Voice over Internet Protocol Mobile Office Manufacturing Customer Relationship Management AI Printer Managed Services Mobile Computing Proactive IT Social Engineering Transportation Going Green Browser Applications Private Cloud Operating System iPhone Health Windows Money Facebook Administration Colocation Windows 10 Advertising PDF Apps Legal Wireless Technology Flexibility Update Cybercrime Black Market Virtualization Shadow IT Disaster Education Application Save Time Work/Life Balance Office 365 Antivirus Holiday Entertainment HIPAA Phone System Analytics Electronic Medical Records Cleaning Hacking Smart Technology Vendor Management Samsung Company Culture App SaaS Upgrades Vulnerability The Internet of Things Dark Web Nanotechnology OneNote Business Intelligence Managed IT Service Data Protection Commerce Regulation Professional Services Travel Word Apple User Error Data Loss File Sharing Storage Lifestyle Evernote Workers Spyware intranet Blockchain IoT Analysis Chromebook Smart Tech Connectivity Streaming Media Content Filter Management Financial Technology Gamification Students Unified Communications Remote Monitoring Wasting Money Amazon Virtual Assistant Alexa for Business WPA3 File Storage Bandwidth Vendor Telephone Utility Computing Payroll SMB Downtime E-Commerce Payment Cards Break/Fix e-waste Employees Smartwatch Development Azure Active Directory Windows Server Cybersecurty Window 10 Online Storage Fiber Optics Windows Server 2008 Copiers Voiceover Internet Protocol Business Telephone Computer Repair Troubleshooting CRM Workstations Outsource IT PCI DSS Regulations Compliance Cost Remote Working Leadership Bitcoin Finance Infrastructure Videoconferencing Streaming Customer Service Copier Authentication Hiring/Firing RMM Windows 11 Cabling Going Paperless Inventory Management Employer/Employee Relationships Outsourcing How To Microsoft Outlook Files Regulations Paperless Solutions Microsoft 365 Strategy Consulting Decision Making Ergonomics Signage Customer Experience Robot Google Drive Miscellaneous Alert Law Enforcement Reputation Social Relocation Search Internet Exlporer Text Messaging Office Tips HaaS Video Games Scalability Humor How To Best Practice USB Virtual Reality Managing Stress Point of Sale Identity Theft Worker Commute Politics Experience Music Books Safety Emergency Worker Scam Computer Accessories Charger Computer Care Unsupported Software Television Business Strategy WiFi Unified Threat Management Consultant Touchscreen Emails Webinar IT solutions Windows 10s Hard Disk Drive iOS Computer Fan Root Cause Analysis Augmented Reality CrashOverride Settings Screen Mirroring Cast HBO IT Management IT Solutions WIndows Server 2008 Patch Management Outlook Shortcut Excel Sync Adobe Licensing Tablets NFL Windows Ink Google Maps Google Docs Microsoft Excel Sports Cortana Legislation Comparison Specifications Sales Retail Gifts Credit Cards FAQ Wireless Charging WannaCry Updates Microsoft Word eWaste Device Security Tech Support Fraud Edge Ciminal IT budget Identities Language Virus Websites Data Theft App store Mobile Security Identity Data Privacy Hard Drive Google Assistant Twitter Computer Forensics Gmail PowerPoint Memory Financial Bring Your Own Device Testing Camera Projects Display Co-Managed Services Hyperlink Wasting Time Accessory Peripheral Access Control Admin Keyboard Shortcuts Security Cameras Employee 5G Medical IT YouTube OneDrive Sabotage PC Server Maintenance Investment ROI Windows Server 2008 R2 Micrsosoft Digital Signage Processor Benchmarks Myths Threats Scams Managed Services Provider Facebook Privacy eCommerce Holidays Inventory Communitications Hosted Desktop Smart Devices Keyboard Net Neutrality Internet Service Provider Workstation Telework Audits Solutions Policy Procedure Organization Innovations Reviews Biometrics Computer Tips Work Windows 8.1 Voice Supply Chain Environment Workplace Strategies Print Management Healthcare SSD Remote Management Telephone System Print Database 2FA Virtual Desktop Proactive Management eSignature Cyberattack Cameras Digital Cameras Mixed Reality Displays