Phishing Campaign Caught Spoofing Zoom

As people have been forced to work from home due to the coronavirus outbreak, there’s been a surge in the use of virtual meeting programs to stay in touch with colleagues and co-workers. Cybercriminals have been happy to exploit all aspects of the coronavirus, and that includes this move toward remote working. A new phishing campaign spotted by Abormal Security takes advantage of the popularity of Zoom to try to capture account credentials of unsuspecting users.

Mimicking a real Zoom notification, the initial phishing email tells recipients that they’ve recently missed a scheduled meeting. The email contains a link that promises more details and a recording of the meeting. To lend legitimacy, the message is formatted with the potential victim’s username, while the link also contains the username. To add a sense of urgency, the email states that Zoom will keep the message only for another 48 hours…  TechRepublic

Stay Updated

Get critical information for loss prevention professionals, security and retail management delivered right to your inbox.