Zoom phishing campaigns target Office 365 users

Office 365 users are advised to be on the lookout for Zoom phishing messages sent to their inbox.

Inside, there is a fake layoff notification that prompts you to log into your Zoom account – a fraudulent practice that is otherwise known as phishing.

To be more convincing, the message promises to lead to a Zoom meeting.

Around 50,000 mailboxes have received it so far, a report from Abnormal Security states.

The message is designed to invoke feelings of panic and prompt the victim to click on the link in a hurry to tune into the fake meeting.

At this point, the credentials used to log in are harvested by the phishing mechanism that runs in the background.

Inside the message, you may see a notification saying ‘Join this Live Meeting’ as well as a link to the malicious landing page hosted at zoom-emergency.myftp[.]org.

Bear in mind that you will not be able to see the link as it is hidden behind a portion of text.

As the coronavirus pandemic rages on, phishing campaigns continue to evolve.

Before the current Zoom campaign, there were instances of similar campaigns preying on people’s fears of catching the virus.

Although the emails distributed legitimate coronavirus information coming in the form of statistics and maps, they also contained hidden malware or phishing pages.

Some of these capitalised on people’s economic fears by promising small business loans and using lures referencing the federal stimulus package.

As many companies are having to let go of their employees due to the ongoing crisis, the current Zoom campaign plays on the fear of having your employment terminated.

Since the messages are masterfully crafted to appear as though they are coming from Zoom, Abnormal Security warns users to remain on their guard.

The same can be said for the malicious landing page that is copied down to the very last detail to resemble the real thing.