New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users

New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where attackers weaponize common audio formats like WAV files to bypass traditional email security filters and delivermalicious payloadsdirectly to unsuspecting recipients. Technical Breakdown The phishing attempt begins with an email masquerading as a standard voicemail alert from VoIP systems, a format familiar to many professionals who rely on unified communications platforms. Attached to the email is a WAV file, ostensibly containing a recorded message. Upon playback, the audio transcript reveals a scripted call from an alleged Veeam Software representative, stating: “Hi, this is xxxx from Veeam Software...