Initially targeting Zoom users; the phishing scam aims for Outlook and Office365 credentials.
As the digital world deals with the added responsibility of hosting more and more meetings online, popular video conferencing apps like Zoom and Microsoft Teams have increasingly come under fire from cybercriminals.
With over 300 million participants every day, this makes Zoom a highly lucrative target for malicious elements. Keeping this in mind, in the latest, researchers from INKY have revealed how the app is being subject to a dedicated phishing campaign in several countries designed to extract credentials from users.
To start with, the attackers sent very convincing phishing emails to Zoom users with a variety of messages including but not limited to reviewing a meeting invitation, downloading a file attached to access details about a meeting invitation, and downloading a particular attachment to start the meeting in itself.
These originated from both hijacked accounts and also newly purchased domain names such as zoomcommuncations[.]com and zoomvideoconfrence[.]com which gives an aura of legitimacy to anyone who looks a bit deeper. Moreover, these also help bypass an email provider’s conventional filters.