Zoom Phishing is Still Rampant

Zoom Phishing is Still RampantCybercriminals are still using Zoom and other conferencing platforms as phishbait, according to Zlati Meyer at Fast Company. This phishing theme isn’t likely to let up any time soon, so employees need to know how to recognize these scams.

“The bait is decorated with the Zoom logo and sent via text, email, or social media message to say that your account has been suspended (but can be reactivated by clicking on the attached link), that you missed a meeting (but can click on the link to find out the details and schedule), or that Zoom is welcoming you (but you need to click on the link to activate your account), according to the Better Business Bureau,” Meyer writes. “Of course, the link does none of those things and instead downloads malware to your computer or mobile device or takes you to a login page where you need to enter your login and password, which lets the thieves gain access to other accounts with similar combinations.”

Edgar Dworsky, founder of Consume World, told Fast Company that this trend isn’t surprising, since scammers always capitalize on what’s popular at the moment.

“For people who are in this business of doing phishing schemes, it becomes the scam du jour,” Dworsky said. “What’s popular now? How can I capitalize on something that’s in people’s minds, that they use? The timeliness and popularity is something they look for.”

Dworsky added that scammers exploit the fact that Zoom notifications are something they have to pay attention to for their jobs.

“They create a sense of urgency, because they know you have some upcoming meeting and need to fix this,” Dworsky said. “With any one of theses phishing scams, you have to look before you click. The relevance lends credence to the fact that that’s legit.”

New-school security awareness training with realistic, up-to-date phishing simulations can help your employees recognize social engineering tactics.

Fast Company has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Phishing

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews