Important online meeting at work: scammers have found a new way to steal data

It is undeniable that the Zoom video conferencing tool has become an integral part of our professional and social life. Due to social problems, most of us now rely on Zoom to hold work meetings, to go on virtual “walks” with our friends and more. It is not surprising that scammers use Zoom to steal personal information. If you recently received an invitation to a Zoom meeting with the human resources (HR) department, it may be a scam. This is reported by Reader’s Digest.


How does the scam work?

Unfortunately, many people were fired or laid off due to the coronavirus pandemic. Even if you have not lost your job, it is normal to be worried about it. This general feeling of anxiety is exactly what the scammers are aiming at.

In this scam, criminals create a fake email that poses as an automatic reminder of an important meeting with the HR department. The email contains a link that redirects users to a fake Zoom login page hosted on “zoom-emergency.myftp.org”.

The subject line, layout, messages and meeting descriptions vary, but the basic idea is the same, says Naked Security.

To English speakers, the wording of some sentences is quite unnatural, and there are sometimes spelling mistakes that are easy to overlook.

But the message of the email is clear enough: if you miss a meeting that is happening right now, you could lose your job.

The email also contains a button that looks like Zoom's own button for joining a meeting, but if you click on it, you do not end up on zoom.us, as one would expect.

However, as you would expect, you land on an HTTPS web page (with the padlock), and the login page is nearly identical to the real one.

Note that the encryption certificate for this website was issued yesterday, shortly before the spam messages associated with it were sent.

Also, if you look closely, you will notice that the crooks have put the text “Email Address Password” in the password field instead of just “Password”, as on the real Zoom page.

Presumably, they hope that if you notice this “hint”, you will enter your email account password instead of your Zoom password.

Remember that access to your email account is far more valuable to the fraudsters than your Zoom account, because your email account is probably how you reset the passwords for many other accounts.

No matter what you type in as the password on the fake website, you will be redirected to the real Zoom page, as if something went wrong and perhaps you should just try again.

Thus, the fraudsters do not need to simulate a successful login or pretend that your login has failed. They just leave you in one of those “I wonder what happened there” moments, and you tend to simply go back and start all over again.

Of course, by the time you see the (completely genuine) Zoom help page, your email address and password are already in the scammers' hands.

“Your presence is crucial to this meeting and are equally required for the start of the meeting on the analysis of efficiency in the first quarter,” says the body of the email. The subject line of the email reads: “Suspension/termination of the contract.”

By the way, Zoom is not the only platform used by scammers; they also use other social networks such as Facebook.

What can people do to protect themselves?

Do not log in after clicking on links in emails. Go directly to the Zoom website or switch to the Zoom app, and then enter the meeting number given in the text of the email.

Turn on two-factor authentication if you can. Zoom supports 2FA based on one-time codes generated by an app on your phone, and so do most email services.

The inconvenience of an extra step every time you log in is very minor for you, but the additional effort for fraudsters is huge, because your password alone is not enough.

Immediately notify your organization's IT team if you receive such a message. Scammers rarely send phishing emails to only one person in a company, so if you act as an early warning system for your organization, you will help protect everyone else.

If you receive this email, change your password immediately. The sooner you change your password, the less time the scammers will have.

“Unfortunately, it is common practice for criminals to use major global news in their schemes, and the coronavirus outbreak is perfect for this,” says Morten Brugger, CEO of Wire. “Cybercriminals reinforce the fear and vulnerability associated with the outbreak to catch people who are desperate to get more information.”

According to Brugger, the most important thing people can do to protect themselves from such scams is to be suspicious of people, applications, and things they do not know. During a pandemic it is natural to want to know everything, but it is very important to stick to trusted and reliable sources.

“People should carefully check all emails and links and authenticate only where they know the domain names of the senders, and be wary of websites and links that differ slightly from the original or are not recognized,” says Brugger. “If you’re not sure, play it safe and look elsewhere.”
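The check described above, comparing where a “join” button really leads with zoom.us, can be automated by an IT team triaging reported emails. The following Python sketch is an added example, not code from the article, Naked Security or Zoom; the sample email body, the `us02web` subdomain, the URL paths and the names `LinkCollector`, `classify` and `audit_email` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "zoom"                # brand keyword the lure imitates
LEGIT_DOMAINS = ("zoom.us",)  # where the article says a real join link lands

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_under(host, domain):
    # Exact match or a true subdomain; "notzoom.us" must not pass.
    return host == domain or host.endswith("." + domain)

def classify(href, text):
    host = (urlsplit(href).hostname or "").lower().rstrip(".")
    if any(is_under(host, d) for d in LEGIT_DOMAINS):
        return "ok"
    # Brand name in the host or on the button, but not the brand's domain.
    if BRAND in host or BRAND in text.lower():
        return "lookalike"
    return "other"

def audit_email(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(href, classify(href, text)) for href, text in parser.links]

# Constructed sample body; only the first host name comes from the article.
SAMPLE = """
<p>Your HR meeting has started.</p>
<a href="https://zoom-emergency.myftp.org/meeting"><b>Join Zoom Meeting</b></a>
<a href="https://us02web.zoom.us/j/0000000000">Open in browser</a>
<a href="https://intranet.example.test/hr">HR portal</a>
"""

if __name__ == "__main__":
    for href, verdict in audit_email(SAMPLE):
        print(f"{verdict:10} {href}")
```

A “lookalike” verdict means the link carries the brand name without belonging to the brand's domain, which is the pattern the phishing host in this campaign follows.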
