• Home
  • About
  • Services
  • Cyber Security
  • Software & Hardware
  • Cloud Computing
  • Blog
  • 📞 832-295-1411
832-295-1411 info@executiveithelp.com | Client Logins
facebook
linkedin
twitter
google_plus
  • Home
  • About
  • Services
  • Cyber Security
  • Software & Hardware
  • Cloud Computing
  • Blog
  • 📞 832-295-1411

Technology

SCAM OF THE WEEK: Microsoft 365 Users Targeted with Fake Voicemails

09 Mar 2022
0 Comment
David McDowell

KnowBe4 logo.
Scam of the Week banner.

SCAM OF THE WEEK:

Microsoft 365 Users Targeted with Fake Voicemails

Cybercriminals continue to find new ways to trick users and steal their credentials. Sometimes, they even recycle decades-old tools that were never intended to be malicious.

For example, in a new scam, cybercriminals attack Microsoft 365 users with malicious files disguised as voicemails. The scam works by sending an email with a voicemail file attached. The filename ends in “mth.mp3”, appearing to be a legitimate MP3 file. However, the file is actually a malicious HTML file that has been disguised using right-to-left override (RLO) functionality.

RLO was created 20 years ago for languages that read from left-to-right instead of right-to-left. Unfortunately, cybercriminals now use this functionality to make malicious files look safe. For example, in this scam, cybercriminals use RLO to display “mp3.htm” as “mth.mp3”. If you open the file, you will be taken to a fake Microsoft 365 login page instead of a voicemail. Then, any credentials that you enter on the fake login page will go straight to the cybercriminals.

Follow these tips to stay safe from similar scams:

  • Never click links or download attachments in an email that you were not expecting.
  • Before you share any sensitive information online, make sure that the website is legitimate. For example, an MP3 file should never take you to a login page. If you’re uncertain, navigate to the website directly.
  • Before you share any sensitive information online, make sure that the website is legitimate. If you’re uncertain, navigate to the website directly before sharing any information.
  • Remember that cybercriminals can use more than just links within emails to phish for your information. Always think before you click!
Stop, Look, and Think. Don’t be fooled.
Executive IT Help Security Team
Office: 832-295-1411

Stop, Look, and Think. Don’t be fooled.

About the Author

Social Share

  • google-share

Request Information

    Categories

    • Blog
    • Services
    • Uncategorized

    Quick Menu:

    • Home
    • About
    • Managed Services
    • Cyber Security
    • Software and Hardware
    • Cloud Computing
    • Blog
    • Contact

    Recent Posts

    • 62 Texas, United States Based Business Information Systems Companies | The Most Innovative Business Information Systems Companies
    • SCAM OF THE WEEK: Using QuickBooks to Make a Quick Buck
    • SCAM OF THE WEEK: Malicious Multi-Vector Attacks
    • SCAM OF THE WEEK: What’s Up with WhatsApp Scams?
    • SCAM OF THE WEEK: Prime Time for Amazon Prime Day Scams

    Our Location:

    Executive IT Help, Inc.
    1414 South Loop W, Suite 110
    Houston, TX 77054
    832-295-1411

    Managed It Services · Security · Software and Hardware · Cloud Services · Data Backup · Disaster Recovery
    Serving Houston, Pasadena, Galveston, Sugar Land, Texas City, and surrounding areas
    © Executive IT Help, Inc.

    Executive IT Help Consultation

    Name(Required)
    Company(Required)