Subject:<\/strong> New Voicemail (1 minute, 30 seconds) a wireless team caller [NAME REMOVED<\/em>]<\/p>\n\n\n\n
![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/09\/9-30-24-voicemail-phish.png\")
<\/figure>\n\n\n\nWhere did the link lead?<\/p>\n\n\n\n
The link first led to a page on randyrichardsonlaw[.]com asking you to click to play the voicemail.<\/p>\n\n\n\n The link then went to a page that appeared to have an audio file to play on gvlrco[.]com. <\/p>\n\n\n\n When clicking on the page, it led to a fake Microsoft login page designed to steal your credentials.<\/p>\n\n\n\n Tips for Detection<\/p>\n\n\n\n Text of Phishing Message<\/p>\n\n\n\n From: <\/strong>[NAME_REMOVED<\/em>]@afandpa[.]org This message was generated automatically.<\/p>\n\n\n\n You have received an incoming voice message today. Please take a moment to preview it and respond. You can listen to the recording Here: Play voice here<\/p>\n\n\n\n ID – [NAME_REMOVED<\/em>]@afandpa[.]org Thank you for using the new Cisco Unity Connection Messaging System (MICROSOFT TEAM) . Original Phishing Message From: [NAME_REMOVED]@afandpa[.]orgSubject: New Voicemail (1 minute, 30 seconds) a wireless team caller [NAME REMOVED] Where did the link lead? The link first led to a page on randyrichardsonlaw[.]com asking you to click to play the voicemail. The link then went to a page that appeared to have an audio file to play […]<\/p>\n","protected":false},"author":521,"featured_media":1284,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-1283","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1283"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1283\/revisions"}],"predecessor-version":[{"id":1288,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1283\/revisions\/1288"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1284"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/09\/9-30-24-voicemail-phish-link-1-1024x700.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/09\/9-30-24-voicemail-phish-link-2-1024x522.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/09\/9-30-24-voicemail-phish-link-4-1024x523.png\")
<\/figure>\n\n\n\n
Subject:<\/strong> New Voicemail (1 minute, 30 seconds) a wireless team caller [NAME REMOVED<\/em>] <\/p>\n\n\n\n
Hello, This is [NAME REMOVED<\/em>] from AMERICAN FOREST & PAPER ASSOCIATION, I hope you are doing well today? I called regarding\u2026. Transcribe the entire message.<\/p>\n\n\n\n
Call from: +1 (703) 647-5113
Date of call: 2024-09-30
Called by: [NAME REMOVED<\/em>]
Length of phone call: 1 minute, 30 seconds<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"