thinkCSC is urging all VoIP users to take precautions when receiving voicemail to email services, as thinkCSC has identified a new security risk targeting VoIP users. The attack sends a voicemail to email with a .zip or .exe attachment that, when opened, can infect the user’s system and network.
The voicemail to email message will look like it comes from your messaging system but will be from an unknown number. thinkCSC urges VoIP users to proceed with caution when receiving a message from an unknown number. Do not open any .zip or .exe files. Legitimate voicemail to email message formats are .wav or ,mp3 files; if you receive any other type of file, you should assume it is a fake voicemail to email message.
These harmful messages are typically from numbers using non-existent area codes. A listing of all U.S. and Canadian area codes can be found here.
What To Do If You Have Received a Fake Voicemail to Email Message on Your VoIP Service:
- Do not open any message that is not in .wav or .mp3 format
- If you receive a message with a .exe or .zip file attached, DO NOT open it
- If you believe your system has already been compromised, or if you have already opened the file, contact thinkCSC right away.
If you have any questions or believe you have been a target of this threat, please contact our team at your earliest convenience.
