Zoom account details targeted in latest cyber scam

(Image credit: Zoom)

Top video conferencing software platforms are facing a number of new attacks from criminals looking to steal the login details of their users.

According to experts at security firm Proofpoint, services such as Zoom and WebEx have become popular targets for criminals, with a number of new scams emerging online in recent weeks.

The scams include phishing attacks to steal user login details, allowing hackers access into a company's network to cause havoc and spread malware.

Dashlane Password Manager, now with a free VPN
Dashlane Premium

Make careless data decisions history with our dark web monitoring and alerts. Get Dashlane for seamless, private 'interneting' with 2FA (two-factor authentication) by default. Your privacy matters to us‎ so that’s why there's no limit on devices or passwords stored or shared.

Zoom phishing

Proofpoint outlined multiple scams detected by its services in recent weeks as video conferencing usage has soared across the world due to the ongoing coronavirus lockdown.

This included a phishing email scam where a message entitled "Zoom Account” pretends to welcome a user to their new Zoom account. The victim is then encouraged to activate their accounts by entering their login details on a different landing page, however this false site simply steals the information.

Also witnessed was an email claiming the recipient had missed a Zoom meeting, with the victim then told to click on a link to “Check your missed conference”. However this also takes the victim to a fake Zoom page where their logins are again stolen.

Cisco WebEx users were targeted by an email scam that claiming to be from the company, and using the correct logos and email domains. The message claims that the recipient needs to update their software in order to fix a security vulnerability - however once again, clicking the included link leads users to a phishing page where their details are harvested.

“Video conferencing has become very popular very quickly. Attackers have noticed and moved to capitalize on that popularity and brand strength," noted Sherrod DeGrippo, Senior Director of Threat Research at Proofpoint.

"Not only are attackers using video conferencing brands as a lure for malware, but they’re using it for credential phishing, in particular to steal Zoom and WebEx credentials. This points to the increasing value of compromised video conferencing accounts. Stolen account credentials could be used to login to corporate video conferencing accounts and violate confidentiality. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks.”

Proofpoint is recommending users take caution when opening emails from contacts they do not recognise, and ensure their security protection is up to date with all the latest patches.

“We agree with ProofPoint that users across all services and technology platforms should be cautious with emails, links or files received from unknown senders, and that users should take care to only click on authentic links or open attachments to known and trusted service providers," Zoom said in a statement to TechRadar Pro.

"Zoom users should be aware that links to our platform will only ever have a zoom.us or zoom.com domain name.  Prior to clicking on a link, they should carefully review the URL, being mindful of lookalike domain names and spelling errors.”

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.