Avanan researchers have warned that threat actors could send a phishing email through Microsoft’s Dynamics 365 Customer Voice CRM tool. This could be done by disguising it as an important voicemail from the customer where the “Play Voicemail” button redirects the victims to a phishing landing page. The advice to users is to look carefully at all URLs, even when they are not in an email body.