Phishing Attacks Misuse Microsoft Dynamics 365 Customer Voice Functionality to Hide Malicious Links

Phishing Attacks MisuseLeveraging a legitimate feature of Dynamics 365, threat actors are able to obfuscate the malicious nature of the email within content that naturally requires user interaction.

It’s been called the “static expressway” – the use of legitimate sites to bypass security scanners that would, otherwise, spot the malicious nature of the phishing emails. We’ve seen this before in attacks using Paypal invoices, for example. In this latest attack documented by security analysts at Avanan, threat actors are using a survey feature within Dynamics 365 normally used to gain feedback from customers.

Instead, threat actors are sending bogus voicemails with links to play the voicemails that send victims to credential harvesting logon pages impersonating the Microsoft 365 platform. In some cases, legitimate Customer Voice links are also embedded for additional credibility with security scanners.


Source: Avanan

The challenge here for security solutions is that many solutions see a known-good link from a legitimate platform and don’t scan it (which, of course, does not help the situation). So you're not going to be able to rely solely on your security solutions to stop these kinds of attacks.  Instead, it’s up to the recipient user to be vigilant – something taught to those that undergo continual Security Awareness Training – when receiving emails that are unexpected, or look even the slightest bit off or out of place. 

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews