Scammers are deploying various tactics to trap unsuspecting individuals. Recently exposed is a scam where they target people using voicemails and QR codes. Reports suggest that in the past 14 days, scammers have executed 1,000 such attacks. Check Point Harmony Email shared insights on this cyber threat.
Details were shared with Hackread, revealing that cybercriminals are embedding malicious links into emails linked with corporate phone systems, disguised as voicemail playback.
In simple terms, hackers are sending emails with voice notes which actually contain malicious links disguised as voice notes.
To deceive users, scammers use such tricks making users believe these
voicemails
are real, prompting them to click on malicious links. It’s reported that hackers have sent 1,000 emails using this method in just a fortnight, utilizing social engineering tactics.
Read more: Indian Air Force Cyber Attack: Attempted Cyber Infiltration, E-mails Designed to Steal Critical Data
Scammers also send conditional routing QR codes, targeting end-users based on their device type. The emails sent appear to be from payment processor services like Square but are actually traps, using the brand merely to lure victims.
Source: aajtak
Moreover, the email subject includes a phone number verified via Google search. An MP3 player is sent, claiming to house a voicemail, which upon clicking, redirects users to a credential harvesting page. However, these scams require user interaction.
Read more: Cyber Fraud: High Returns Led to Massive Losses
If you don’t click on such emails, they won’t harm you. Users often tailor their attack strategies based on responses received. If they succeed in trapping users, emails masquerading as different brands are sent. If unsuccessful, scammers devise new phishing methods.
The surest way to avoid such scams is to refrain from clicking unknown links. Combating zero-click vulnerabilities is challenging, thus scammers use methods that trick users into clicking links.
