Attackers have been pounding employee inboxes at companies that still use private branch eXchange (PBX) telephone systems for communication, delivering phishing that bypasses email defenses.
The messages pretended to be voicemail notifications from PBX integrations and featured custom subject lines to pass a superficial legitimacy test.
Businesses around the world use PBX systems for internal communication. Integration with the company’s email client allows employees to access voice messages from their inbox.
A fairly sophisticated phishing campaign in mid-May took advantage of this setup to deliver fake email notifications for voice messages in an attempt to steal login credentials.
Email security company IronScales caught almost 100,000 such phishing attempts “targeting hundreds of enterprises across all industries, including real estate, oil & gas, engineering, IT, healthcare, financial services and more.” [....]
IRONSCALES uncovered what has since evolved into a massive, global phishing trend in which attackers use custom subject lines to spoof the voicemail email as if it is coming from a PBX integration