Zoom's growth trajectory has been impressive in the last few months, but the popular video conferencing app's security lapses have raised questions. Even though the company is working towards making Zoom a safe place for employees, students and millions of its users, the app keeps finding itself in hot water. Zoom is the new hunting ground for hackers, who are trying to trick users into giving up their personal credentials.
In a recent trend on Zoom, scammers are pretending to be your Human Resources department calling an urgent performance review meeting. Two cybersecurity firms, Sophos and Abnormal Security, have found malicious activities by scammers on the Zoom app.
Fake HR meetings on Zoom
Sophos revealed that hackers are now targeting people across the world by sending emails with links to fake Zoom HR and payroll discussion video meetings in order to steal personal and other credentials. Scammers have turned to employment worries as their latest lure for Zoom phishing scams, and researchers from the 'Naked Security' team at SophosLabs witnessed several examples of such phishing emails with the subject line "You are invited to join the q2 meeting".
"This is a reminder that your scheduled Zoom meeting with Human Resources and Payroll Administrative Head will start in a few minutes. Your presence is crucial to this meeting and equally required to commence this Q1 performance review meeting. Join this Live Meeting," says one of the fake Zoom messages.
The message contains a link, and once you click it, you are directed to a portal with a login window that looks similar to that of the video meeting app Zoom. Hackers are looking for that password so it can be used on one of your accounts.
"Remember that access to your email account is likely to be worth a lot more to the crooks than your Zoom account would be, for the important reason that your email account is probably the way you go about doing password resets for many of your other accounts".
Whatever you enter as the password on the fake site, you will end up redirected to a genuine and vaguely relevant Zoom help page, as though something went wrong and you should simply try again.
"In this way, the crooks don't need to simulate a successful login or to pretend that your login failed – they just leave you in one of those 'I wonder what happened there' moments where your inclination is simply to go back and start over," said the researchers.
By the time you see the genuine Zoom help page, the email address and the password you entered have already been posted to the crooks instead of being sent to Zoom.
Abnormal Security identified a similar trend and warned users about the fake HR meeting reminders. The spoof emails, which appear to come from your HR department and concern the termination of your employment, are likely to cause panic, and you'll instantly want to join the Zoom meeting to see what the deal is. But it is only a scam trying to get you to click on the malicious link given in the email. Researchers said that this type of scam has already landed in over 50,000 mailboxes.
What should you do?
These are challenging times for employees and employers. With all the pay cuts and job cuts happening everywhere, you're probably on the edge of your seat. Hackers are using this state of unrest to steal confidential information.
As a precaution, Zoom users must know that login isn't required when you're invited to a meeting. If you do happen to click on such links asking for your login details, close the window.
Do not click on suspicious links in emails. Always double-check the sender's email address and the link in the email. Users can also be extra cautious by typing out the official URL for the website instead of clicking on the link provided.
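The link check advised above can be automated. The following is an added example, not part of the original article or of any Sophos or Abnormal Security tooling; the names TRUSTED_DOMAINS, classify_link and scan_email, the assumption that zoom.us is the only genuine domain, and the sample invitation with its .example hosts are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: zoom.us is the only domain treated as genuine here; add your
# organisation's own Zoom vanity domain if it has one.
TRUSTED_DOMAINS = ("zoom.us",)
URL_RE = re.compile(r"https?://[^\s\"'<>()]+", re.IGNORECASE)


def classify_link(url):
    """Return (verdict, reason) for one link taken from a meeting invitation."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "suspicious", "malformed URL"
    if not host:
        return "suspicious", "no hostname"
    if parts.scheme.lower() != "https":
        return "suspicious", "not https"
    if parts.username is not None:
        # "https://zoom.us@other.example/" displays zoom.us but goes elsewhere.
        return "suspicious", "userinfo before host"
    for domain in TRUSTED_DOMAINS:
        # Match the domain itself or a true subdomain; a substring test would
        # accept "zoom.us.other.example" and "notzoom.us".
        if host == domain or host.endswith("." + domain):
            return "trusted", domain
    return "suspicious", "host is not under a trusted domain"


def scan_email(body):
    """Classify every http(s) link found in an email body."""
    links = [m.group(0).rstrip(".,;") for m in URL_RE.finditer(body)]
    return [(link, *classify_link(link)) for link in links]


# Constructed sample invitation; every .example host is a placeholder.
SAMPLE_EMAIL = """\
Your Q1 performance review meeting will start in a few minutes.
Join this Live Meeting: https://zoom.us.hr-review.example/signin
Alternate link: https://zoom.us@meetings.example/j/0000000000
Genuine format for comparison: https://us02web.zoom.us/j/0000000000
"""

if __name__ == "__main__":
    for link, verdict, reason in scan_email(SAMPLE_EMAIL):
        print(f"{verdict:10} {reason:36} {link}")
```

A "trusted" verdict only means the host sits under the expected domain; it says nothing about whether the page behind it should be asking for a password.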
Zoom users must enable two-factor authentication. And if you were a victim of such phishing scams, change your password immediately. If you happen to use the same password for other accounts, which is not the best practice, update the password there too.
(Added some inputs from agency)