Zoom has become very popular in these recent times in just a few months but not only for good things. The app was in news all over the place for its security flaws that put its users at risk. The company did take care of its security flaws to make the platform safer for the users but the users are still not safe. A new attack campaign is going on that is targeting Zoom users to steal their login details. Similar to any phishing attack this attack is using curiosity and fear of people to lure them into the trap. In these attacks, users receive emails that invite to meeting concerning their jobs.
In the current chaos that the world is under due to the Coronavirus, people are worried about losing jobs. Due to the fear of losing job people tend to fall for such attacks. The attackers are emailing Zoom users as HR informing them about the concern for their job and inviting them for a meeting for the same. The employee simply falls for it as losing a job can mean losing everything for many as finding any job is hard with all the shutdowns. Once the user opens the invite they are on the fake homepage created by attackers. To join the meeting the user is prompted to log in to their Zoom account.
These attacks are actively happening to Zoom users and around 50,000 such targeted mails have been reported. The attacks are targeting Zoom users to steal their login details and that just means the account itself. Earlier a lot of Zoom accounts were sold on the dark web and this is just going to make things worse. Zoom has millions of users and it can’t be held accountable for their safety for such attacks. Users need to double-check any meeting invites they receive through emails.