Wednesday, October 21, 09:38
Home security New Zoom Phishing campaign threatens dismissed employees

New Zoom Phishing campaign threatens dismissed employees

Phishing

Security researchers have discovered a new phishing campaign that uses it Zoom to invite employees to an alleged conference, informing them that their contract with their company will be suspended or terminated.

Victims receive a fake link, which leads to a built-in Zoom website, which asks users to enter credentials connection their.

As you probably know, Zoom is one of the most popular teleconferencing platforms, with additional features such as online meetings, chat and mobile collaboration.

New Phishing campaign

More than 50.000 company employees have fallen so far victims of this new Phishing campaign, as discovered by its security researchers Abnormal Security. The campaign is mainly aimed at employees using Office 365.

The e-mail Received by recipients, it contains the “zoom-emergency.myftp [.] Org” link that leads to a fake website, as well as domain e-fishing hidden in an option such as "Participate in this live meeting".

Once the victim enters the login credentials, they will be sent to the fake Zoom server controlled by them. hacker.

The email serves as a warning that the employee's contract will be terminated, in order to create panic and so the victim is surprised and hurriedly puts his credentials to participate in the teleconference, without paying much attention to the website.

"Users who use Zoom frequently will see the login page, believe that their session is over, and try to reconnect. They will be more likely to enter their connection credentials without noticing that it is an electronic fishing page. "

The incident comes just days after the discovery of a Zoom vulnerability, which allowed a hacker to record sessions on the platform, as well as conversations, without the participants knowing, even if the organizer of the conference turned off the registration option for the participants.

The Criminals of cyberspace continue to use the pandemic to launch various attacks malware, electronic fishing, scams and misinformation campaigns. As the situation has developed, most workers are now working from home, using platforms such as Zoom, resulting in increased attacks on them.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Google removes two ad blockers that collect user data

Google removed two ad blocker extensions from the official Chrome Web Store over the weekend after realizing that they were stealing ...

Two out of five employees are not sure what phishing is

The COVID-19 pandemic posed a significant challenge for businesses around the world, as the dispersed workforce seems to be ...

Hackers disguise themselves as McAfee staff and deceive users

According to Google, hackers backed by the Chinese government were disguised as McAfee employees to trick users into ...

How to find products sold by Amazon itself

Amazon acts as an intermediary in the sale of millions of goods by thousands of sellers around the world. The quality of these products varies ....

How to stop the automatic switching of AirPods between iPhone and iPad

AirPods and AirPods Pro automatically switch between iPhone and iPad. If you turn off the iPad and start a call on your iPhone, ...

The Windows 10 KB4579311 update has an installation problem

Windows 10 users face many problems when installing the latest cumulative update KB4579311 and those who can ...

The big "Twitter hack" was the result of employee fraud

The biggest Twitter hack that has become known to date, was the one that took place last July and resulted in ...

Gang ransomware donates part of ransom to charities

The Darkside ransomware gang has donated 10 thousand dollars from the ransom it has collected from its victims to Children International ...

FinCEN fines $ 60 million companies for bitcoin money laundering

The US Treasury Department's Financial Crimes Enforcement Network (FinCEN) today announced the first sentence against cryptocurrency services, Helix and ...

US: accuse Russians of global attacks

Six Russian agents have been indicted by the US Department of Justice for attacks related to the Winter Olympics in Pyeongchang, ...