A phishing campaign is using voicemail notification messages to go after victims’ Office 365 credentials. According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded javascript.
Read full article on Malwarebytes Unpacked