What looks like a new, missed voice message is actually a way to send phishing pages through to the inbox. 

By leveraging a legitimate Microsoft page, hackers can create phishing pages that are more likely to get into the inbox. 

You'll notice that the message comes from Microsoft. The link is legitimate. However, this combination of voice message and survey link is being used to host phishing pages.  

Hackers are leveraging the legitimacy of Microsoft to get into the inbox. Once there, they hope that users will rely on the legitimacy to click.

Users may be able to spot that it's malicious given the difference between "New Voice Message" and the "Start Survey" button. 

However, this tactic is an effective one, especially when going up against security solutions that rely on static Allow or Block Lists.

Subscribe to Our Attack Briefs for More Research