Sunday, February 9, 2025
HomePhishingBeware of Zoom Phishing Campaign that Threatens Employees Contracts will be Suspended...

Beware of Zoom Phishing Campaign that Threatens Employees Contracts will be Suspended or Terminated

Published on

SIEM as a Service

Follow Us on Google News

A new zoom phishing campaign observed asking recipients to join a zoom meeting that threatens employees that their contracts will be either suspended or terminated.

The recipients are presented with a fake Zoom login page that asks recipients to input the login credentials.

Zoom is an online video communication platform that has features such as video conferencing, online meetings, chat, and mobile collaboration.

Zoom Phishing Campaign

According to security researchers from Abnormal Security, more than 50,000 has been targeted. The campaign primarily targeted employees using Office 365.

Zoom Phishing
Phishing Email

With the campaign, the attacker impersonates Zoom by convincing the recipients to reach the fake landing page that mimics the notifications from Zoom.

The email contains a link with a fake login page “zoom-emergency.myftp[.]org” and the phishing domain hidden with the button such as “Join this Live Meeting”.

Zoom Phishing
Fake Login Page

Once the victim enters the login credentials the details will be sent to the fake Zoom server controlled by attackers.

The email mimics as a reminder for meeting with HR regarding the termination, it creates a panic when the victims read the email, and hurriedly tries to join the meeting.

Threat actors crafted the email to be legitimate Zoom notification and the fake login also formatted like a legitimate meeting reminder commonly used by Zoom, reads Abnormal Security blog post.

“Frequent Zoom users would look at the login page, think their session has expired, and attempt to sign in again. They would be more likely to input their login credentials without checking the abnormalities in the phishing page.”

A Couple of days before a new Zoom flaw lets hackers record Zoom meeting sessions and to capture the chat text without the knowledge of meeting participants’ even though host disables recording option for the participants.

Cybercriminals continue to use the Coronavirus outbreak to launch various attacks such as malware, phishing, fraud, and disinformation campaigns.

In the current situation, most of the organization has been closed and the employees are provided with options to work from home. So the RDP and the video communication platforms are heavily targeted by attackers.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...

Cybercriminals Target IIS Servers to Spread BadIIS Malware

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Hackers Exploit ADFS to Bypass MFA and Access Critical Systems

Hackers are targeting organizations using Microsoft’s Active Directory Federation Services (ADFS) to bypass multi-factor...

Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware

A newly identified zero-day vulnerability in the widely used 7-Zip archiving software, designated as...

New Phishing Attack Hijacks High-Profile X Accounts to Promote Scam Sites

A new wave of phishing attacks has been identified, targeting high-profile accounts on the...