A interesting phishing attempt was reported by a contact. It started with a simple email that looked like a voice mail notification like many VoIP systems deliver when the call is missed. There was a WAV file attached to the mail[1].

Here is a transcript of the recording:

"Hi, this is xxxx from Veeam Software. I'm calling you today regarding ... <not clear> ... your backup license which has expired this month. Would you please give me a call to discuss about it?"

This was not targeted because the person who received the mail was not involved with Veeam (or any IT environment). Did you receive such emails recently or in the past?

[1] https://blog.rootshell.be/stuff/veeam-voicemsg.wav

Xavier Mertens (@xme)
Xamecosys
Senior ISC Handler - Freelance Cyber Security Consultant
PGP Key