Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info

Attackers are spoofing voice message notifications from WhatsApp in a malicious phishing campaign that uses a legitimate domain to spread an info-stealing malware, researchers have found. Researchers at cloud email security firm Armorblox discovered the malicious campaign targeting Office 365 and Google Workspace accounts using emails sent from domain associated with the Center for Road Safety, an entity believed to reside within the Moscow, Russia region.So far, attackers have reached about 27,660 mailboxes with the campaign, which spoofs WhatsApp by informing victims they have a “new private voicemail” from the chat app and includes a link purporting to allow them to play it, researchers said. Targeted organizations include healthcare, education and retail, researchers said.

Read more about it here.