Dynamics 365 Customer Voice Service Detected To Be Manipulated In Phishing Attacks
Avanan security researchers have determined that the Dynamics 365 Customer Voice service, a Microsoft product that institutions/organizations use to get customer feedback, is manipulated in phishing attacks by threat actors. Threat actors behind this phishing campaign are planning to seize the Microsoft account information of customers by sending phishing links that appear legitimate to customers via Dynamics 365 Customer Voice.Figure 1: Email Body Containing Phishing LinkThe campaign starts with the delivery of a phishing e-mail to the recipients via the old name of the service, “Forms Pro,” stating that they have a new voicemail. When the Play Voicemail button is clicked, targets are directed to a phishing page that mimics the Microsoft login page. However, the URL of that phishing page has no connection with Microsoft. Therefore, Microsoft login credentials entered by targets are captured by threat actors.Figure 2: Phishing Page Imitating Microsoft Home PageThe campaign is an attack that requires careful detection by targets, as the phishing link is not visible until the last step. Additionally, destinations are redirected from the e-mail body to a legitimate page first, so hovering over the URL in the e-mail body does not provide protection. In this context, in order not to be the target of phishing attacks that can be carried out using similar methods, attention is paid to the following security recommendations;
Users should check all URL addresses, including links in the e-mail body,
E-mails, attachments, and links from unknown parties should not be trusted,
We're here to help you with any questions or cyber security needs you may have! Our Team of experts is available around the clock and ready to asist. You can choose from the contact options below or simply fill out the form to get in touch with us. Dont hesitate to reach out - we're always happy to chat!
