Don’t be fooled by digital voicemail phishing attacks

January 21, 2020
voicemail_phishing

We see a variety of advanced phishing attacks on a daily basis. More recently, we’ve seen an uptick in the number of phishing attacks designed to look like a voicemail notification email. The hacker’s goal is to get the recipient to click on the button and login to their account to hear the message. Except there is no message and as soon as they log in, their credentials are stolen. For our customers, before they began using Graphus®, these types of attacks were very successful.

Below is an attack Graphus® detected for one of our customers that slipped past their existing security technologies. As you can see, our EmployeeShield™ was included in this message to warn the recipient that this message was suspicious.

email_employeeshield

When the recipient clicks on the button it takes them to a login screen asking them to enter their password to sign in and listen to the voicemail. Once they enter their password, their account has been compromised.

phishing_vm

Graphus® doesn’t rely on traditional detection methods such as sender reputation, DMARC, or threat intelligence as devious attackers know how to get past these methods with ease. Instead, Graphus® relies on the TrustGraph®, our powerful and patented AI technology. The TrustGraph® allows for Graphus® to detect even the most sophisticated cyber attacks that get past your existing technologies.  When you couple this powerful technology with EmployeeShield™, you get the industry’s first automated phishing defense platform that provides immediate protection against spear phishing, phishing, business email compromise, and malware attacks.