Phishing attacks have been circulating as cyber criminals attempt to steal Zoom credentials from recipients. Circulating through email, text and social media messages, Zoom’s logo is used alongside a link to clickthrough and enter account details.
The message tells recipients that they have missed a meeting or that they need to re-activate their suspended accounts, and to sort the problem, they need to ‘login’ to an official-looking website. When a user clicks and enters their email and password, they have, in fact, given away their critical account information to cyber criminals. This could give criminals access to sensitive files, intellectual property data and financial information shared via the service – as well as the potential for social engineering attacks using the victim’s contacts.
There have been over 2,000 false Zoom domains registered this year, as the collaborative platform has seen a massive rise in its overall usage due to the COVID-19 pandemic. Potential victims can protect themselves from these scams, by checking the sender’s information. Zoom.com and Zoom.us are the only official domains used by Zoom, so emails from any others are false. Additionally, you should never open links from unsolicited emails.
Visit Neuways’ Phishing Awareness section for further tips to keep your business safe from phishing campaigns.