We've previously written blog posts to be cautious of suspicious Zoom meeting links, and we even reported a huge increase in phishing attacks using Zoom of August this year. The heads-up is that these attacks are happening right now in high volume.
Unfortunately, one hedge fund company based in Australia did not get the message.
The Australian Finance Review reported that Levitas Capital’s largest institutional client, Australian Catholic Super, had pulled a planned $16 Million investment following the September incident and the fund would be closing down. It was later reported that this was due to a fake Zoom meeting invite phishing link that was opened by one of the co-founders of the organization.
Fraudulent invoices were then sent to other companies that the fund had previously worked with. “There were so many red flags which should have been spotted … It makes you wonder where else in the system could this happen?” said Michael Fagan, co-founder of Levitas Capital.
Here is the screenshot of the Zoom invite to show just how realistic the invite looked:
Let this be a warning for other companies not taking new-school security awareness training seriously. It's important to continually educate your users of common social engineering tactics like this one.
