• Home
  • Apps
  • Apps News
  • Zoom Users Under Threat Once Again, Phishing Campaign Aims to Steal Zoom Credentials: Report

Zoom Users Under Threat Once Again, Phishing Campaign Aims to Steal Zoom Credentials: Report

Zoom users are getting phishing emails, asking them to login with their credentials on fake websites.

Share on Facebook Tweet Snapchat Share Reddit Comment
Zoom Users Under Threat Once Again, Phishing Campaign Aims to Steal Zoom Credentials: Report

Photo Credit: Proofpoint

Zoom phishing emails seem to link users to a “spoof page”

Highlights
  • Zoom users may be under threat of phishing emails
  • These emails ask users for their credentials
  • Hackers are targeting Zoom users owing to the massive userbase

Zoom is a rapidly growing video conferencing service that is being used by more than 200 million users. But the service has been in the news for all the wrong reasons, including security flaws and vulnerabilities. Now, another threat to Zoom users has been reportedly spotted. Hackers are using credential phishing emails to gain access to Zoom users' account details. According to a report, hackers are targeting individuals and businesses in the transportation, manufacturing, technology, business, and aerospace sectors in the US.

Owing to the ongoing coronavirus pandemic, offices, schools, and other organisations have switched to video conferencing as a means of communication. This has led to the massive increase in user base for services like Zoom.

In an analysis published by Proofpoint, it was found that credential phishing is being used to gain access to user account details. Phishing is the process of deceiving and luring users into sharing their account details.

The report states hackers are using emails to target multiple sectors in the US. The emails seems to come from an “admin account” like “Rouncube Admin” or "admin@servewebteam[.]gq" and contains the subject line “Zoom Account.” The body of this mail seems to welcome users to Zoom and gives them a link to activate their account. This link takes the user to a “generic webmail landing page” where they are asked to enter their credentials.

Zoom phishing email threat inline1 zoom

Phishing email comes with subject line "Zoom Account"
Photo Credit: Proofpoint

 

Another phishing email discovered by Proofpoint tries to lure Zoom users with a “missed meeting” message. The mail claims that the user has missed a Zoom meeting and gives a link through which the recipient can check their missed conference. Clicking on the link takes the user to a Zoom page that looks quite official but, Proofpoint claims it is a “spoofed Zoom page.” The user is asked to enter credentials here.

Zoom phishing email threat inline2 azoom

The mail can state user has missed a Zoom meeting
Photo Credit: Proofpoint

 

A smaller campaign targeting manufacturing, industrial, marketing/advertising, technology, IT and construction companies tries to infect users with ServLoader/NetSupport remote access Trojans. The mail thanks the recipient for responding to a fake RFQ (Request for Quotation) and offers to have a Zoom call. The subject line in these mails can be “[Company] Meeting cancelled - Could we do a Zoom call”, “[Company] - I won't make it to Arizona - Could we talk over Zoom?”, “The [Company] - I won't make it to Tennessee - Can we talk over Zoom?”, and other variations.

Zoom phishing email threat inline3 zoom

Phishing email aims to distribute the ServLoader/NetSupport remote access Trojans
Photo Credit: Proofpoint

 

It was also found that a large agricultural firm was sent an attachment that required it to “enable macros” after which a ServLoader PowerShell script is executed and that installs NetSupport, a remote-control application.

With most of the people using video conferencing as a means of communication during the ongoing coronavirus pandemic, the threats against their privacy and security seem to be increasing. However, it should be noted that this latest threat is not Zoom's fault in particular.

 

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Zoom, Credential Phishing
Vineet Washington Vineet Washington writes about gaming, smartphones, audio devices, and new technologies for Gadgets 360, out of Delhi. Vineet is a Senior Sub-editor for Gadgets 360, and has frequently written about gaming on all platforms and new developments in the world of smartphones. In his free time, Vineet likes to play video games, make clay models, play the guitar, watch sketch-comedy, and anime. Vineet is available on vineetw@ndtv.com, so please send in your leads and tips. More
Microsoft 365 Personal, Family Subscriptions Now Available in India: Check Price, Features
Samsung Galaxy Note 20 to Get a Bigger Battery Than Galaxy Note 10: Report

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com