A phishing campaign is using voicemail notification messages to go after victims’ Office 365 credentials.
According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded javascript.
The email claims that you have a new voicemail and that you can listen to the message by clicking on the attachment. To add credibility, the name of the attachment starts with a music note character like f.e. ♫ to make it look like a sound clip. In reality, it is an HTML file with obfuscated javascript embedded.
