Attackers Stealing Information from WhatsApp
Voice message notifications from WhatsApp were the center of a malicious phishing campaign. The campaign targeted Office 365 and Google Workspace accounts and the emails that were sent came from a domain that is connected to a legitimate site. According to Armorblox, the site is State Road Safety operations for Moscow and belongs to the Ministry of Internal Affairs of the Russian Federation.
Potential victims of the campaign receive an email titled “New Incoming Voice Message.” The body of the email looks like it’s a secure message from WhatsApp that informs the victim that they received a new private voicemail. It even includes a “play” button to listen to your new voicemail.
This particular attack is tricky and hard to detect since it looks like it is coming from legitimate sources. One of the best ways to be aware of these types is to educate yourself – take trainings so you know what to look for, as well as read up on current scams that are taking place so you are on alert and never click on a link sent to you from a source you do not know.
Categorised in: IT Threat