UT System employees have recently been targeted by phishing email that contains a link to a voice message. Clicking on the link in the email directs the user to login to Microsoft Office 365.
While voicemail phishing scams are not new, security researchers have recently seen an uptick in those targeting Microsoft Office 365 credentials. It is important that employees be wary of any email that purports to be a voice message. Hover your mouse over the sender’s name to examine the email address and hover over the links in the message in order to examine the destination URL. If either the sender or the links look suspicious, use the Phish Alert button in your Outlook toolbar to report it. If you do not have the Phish Alert button, forward the email to abuse@utsystem.edu.
A legitimate UT System voice mail notification will include a recording of the message, not a link to the message, and will not come with an external mail tag.