14 DAY TRIAL // In case you come across a suspicious Avaya voicemail notification in your inbox, take a minute to analyze it before opening the attachment since the email might be part of a cybercriminal scheme.
Dynamoo’s Blog reports that emails entitled “Voice Mail Message” are being used to distribute a piece of malware.
“This voice message was created by Avaya Modular Messaging. To listen to this voice message, just open it,” the bogus Avaya notifications read.
The file attached to the email is not an audio file as it appears at first sight. Instead, it’s a malicious executable that’s flagged as a threat by only a handful of the antiviruses from VirusTotal.
Once it infects the computer, the malware starts communicating with a domain called adamdevarney.com, hosted on 209.236.71.58. This IP address has been seen in other malware campaigns as well, which indicates that there might be hundreds of compromised domains hosted on the same server.
If you’ve already opened the attachment, scan your computer with an antivirus product. Even if the malware is not detected by signature-based systems, modern antiviruses can detect threats based on their behavior.