Attackers are now seizing the opportunity to spoof Zoom meeting invites. About 10,000 mailboxes have been hit with the socially engineered emails, according to cybersecurity company Armorblox.
The socially engineered attacks are designed to look like a legitimate email from Zoom and mimic existing business workflows. Attackers use “Zoom Communications” as the sender and include wording similar to a real invite, such as [External] Zoom Meeting 11:00 AM Eastern Time [US and Canada].
When users click the link to start the meeting, they are taken to a login page that imitates Microsoft Outlook, where unsuspecting victims enter their credentials, the email security company says in a blog post.
“The email attack bypassed native Microsoft email security controls. Microsoft assigned a Spam Confidence Level (SCL) of ‘-1’ to the emails; meaning the emails skipped spam filtering because Microsoft determined they were from a safe sender, to a safe recipient or were from an email source server on the IP Allow List,” writes Lauryn Cash in the Armorblox blog post.
The email is deceptive in that it mimics day-to-day business workflow. It’s habitual for users to simply click on “Start Meeting.”
Recommendations
According to Cash, organizations should take these actions to prevent compromise from this attack and similar ones:
- Use built-in email security together with additional layers of protection.
- Employees should always be watchful for social engineering cues. “Our brains have been trained to quickly execute on the requested actions. It’s best to engage with these emails in a rational and methodical manner wherever possible,” writes Cash. A good practice is to perform an “eye test” on the email received: inspect the sender name, the email address, the language within the email and any logical inconsistencies within the email.
- Follow multifactor authentication and password management best practices, and never reuse the same password across multiple sites or accounts. Use password management software to store account passwords, and avoid passwords that include publicly available information, such as a date of birth, or generic passwords such as “123”.
- As always, continue to educate and train employees on phishing emails, such as looking for visible warning signs like poorly written emails, wrong signature lines or incorrect email addresses.
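The “eye test” above can be partly automated for a mail-security or SOC team. The following is an added example (not code from Armorblox or the article) that parses a message and flags the signs the article describes: a sender name claiming Zoom from a non-Zoom domain, a subject styled like a Zoom invite, an SCL of -1 (the value Microsoft assigns when filtering is skipped, read here from the Exchange Online header X-MS-Exchange-Organization-SCL), and body links that do not lead to Zoom. The set of legitimate Zoom domains and both sample messages are constructed for this example; a production check would use a public-suffix list rather than the last-two-labels fallback used here.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: domains a genuine Zoom notification sends from or links to.
ZOOM_DOMAINS = {"zoom.us", "zoom.com"}

# Constructed sample modelled on the campaign described in the article (lookalike domain is fictitious).
PHISHING_EMAIL = """\
From: Zoom Communications <no-reply@example-lookalike.test>
To: victim@corp.example
Subject: [External] Zoom Meeting 11:00 AM Eastern Time [US and Canada]
X-MS-Exchange-Organization-SCL: -1
Content-Type: text/html

<html><body>
<p>Your meeting is about to begin.</p>
<a href="https://login.example-lookalike.test/outlook/start">Start Meeting</a>
</body></html>
"""

# Constructed sample of what a legitimate invite would look like under the same checks.
GENUINE_EMAIL = """\
From: Zoom <no-reply@zoom.us>
To: victim@corp.example
Subject: Zoom Meeting 11:00 AM Eastern Time [US and Canada]
X-MS-Exchange-Organization-SCL: 1
Content-Type: text/html

<html><body><a href="https://zoom.us/j/0000000000">Start Meeting</a></body></html>
"""

HREF_RE = re.compile(r'href="([^"]+)"', re.IGNORECASE)


def registrable_domain(host: str) -> str:
    """Last two DNS labels of a host (crude stand-in for a public-suffix lookup)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def eye_test(raw_message: str) -> list:
    """Return a list of findings for the message; an empty list means nothing suspicious."""
    msg = message_from_string(raw_message)
    findings = []

    # Sender name versus the real address domain.
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = registrable_domain(address.split("@")[-1]) if "@" in address else ""
    if "zoom" in display_name.lower() and sender_domain not in ZOOM_DOMAINS:
        findings.append(f"display name {display_name!r} does not match sender domain {sender_domain!r}")

    # Subject styled like a Zoom invite while the sender is not Zoom.
    if "zoom meeting" in msg.get("Subject", "").lower() and sender_domain not in ZOOM_DOMAINS:
        findings.append("subject imitates a Zoom invite from a non-Zoom sender")

    # SCL -1 means Microsoft skipped spam filtering (safe sender, safe recipient or IP Allow List).
    scl = msg.get("X-MS-Exchange-Organization-SCL")
    if scl is not None and scl.strip() == "-1":
        findings.append("SCL -1: message bypassed spam filtering via allow list or safe sender")

    # Links in the body that lead somewhere other than Zoom.
    payload = msg.get_payload(decode=True)
    body = payload.decode(errors="replace") if isinstance(payload, bytes) else str(msg.get_payload())
    for url in HREF_RE.findall(body):
        host = urlparse(url).hostname or ""
        if registrable_domain(host) not in ZOOM_DOMAINS:
            findings.append(f"link to non-Zoom host {host!r}")

    return findings


if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING_EMAIL), ("genuine", GENUINE_EMAIL)):
        print(label, eye_test(sample) or "no findings")
```

Each finding on its own is weak (many legitimate notifications are sent by third-party providers), so the list is meant to feed a triage score or an analyst queue rather than to block mail outright; the SCL -1 check is the one most worth alerting on, because it identifies exactly the messages the native filter chose not to inspect.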