Microsoft’s Dynamics 365 Customer Voice product allows organizations to gain customer feedback, it is used to conduct customer satisfaction surveys.
Researchers from cybersecurity firm Avanan, uncovered a campaign abusing Microsoft Dynamics 365 customer voice to steal credentials from the victims.
The experts reported hundreds of these attacks in the last few weeks. The emails come from the survey feature in Dynamics 365, the senders’ address includes “Forms Pro,” which is the old name of the survey feature.
The message informs the recipient that a new voicemail has been received. Upon clicking on the Play Voicemail button, the recipient is redirected to a phishing link that points to a page that clones the Microsoft login page.
Using Customer Voice links, threat actors are able to bypass security measures.