A new danger hackers runs on email who receive them every day companiesthis time the main target of computer hackers, via a fake voice message which is attached in the email: the multinational supplier Check Point Software, which deals with hardware and software products for security, is reporting what is happening in the last period.
Fake voice audio
“Fake voicemails as bait for credential harvesting“, he begins Jeremy Fuchs, a cybersecurity researcher and analyst at the company that is working on the issue. The goal of hackers is to make emails as credible as possible by trying to convince users to click on the various attachments they may contain. In this sense, many companies use the voice audio that is normally listened to on the cell phone via email with hackers taking advantage of it “including what appears to be a recording of a voice message, but is instead a hyperlink to a malicious page“, explains the expert.
What happens with emails
Globally, there have already been more than a thousand attacks in the last two weeks alone. In detail, the dangerous email begins with a line in which the subject is written which contains a telephone number: if you search for this on Google you will discover that it does not belong to anyone and is absolutely fake. The second deception concerns the sender, i.e Square, a service that processes some payments. “It’s a pretty convincing parody of the brand,” explains the company. Pay attention to the content, because the email seems to have an Mp3 file attached as an attachment that is in all respects similar to an attachment that refers to the answering machine but when you click on it you will be redirected to a web page that steals sensitive data and the user’s credentials.
The technique used
Compared to the numerous cyber attacks that can infect a device even without a voluntary click, in this case hackers need the user to actively participate in order for their attack to be successful. phishing (typical computer scam on the Internet). “The user must reproduce, click on a link or enter information for the attack to progress”, explains Fuchs. In this sense, a voice message can be the most fertile ground for deceiving some users, even more so because a well-known brand (Square) is impersonated with audio that could arouse curiosity and be open to being able to steal credentials.
How to defend yourself
To defend against these attacks are at least three guidelines drawn up by Check Point Software: increase the level of security also using artificial intelligence, equip oneself with effective security measures that can control and emulate all URLs (Uniform Resource Locators) and increase the security of devices with greater levels of protection.