Proofpoint is recommending users take caution when opening emails from contacts they do not recognise, and ensure their security protection is up to date with all the latest patches. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks.” Stolen account credentials could be used to login to corporate video conferencing accounts and violate confidentiality. This points to the increasing value of compromised video conferencing accounts. "Not only are attackers using video conferencing brands as a lure for malware, but they’re using it for credential phishing, in particular to steal Zoom and WebEx credentials. Attackers have noticed and moved to capitalize on that popularity and brand strength," noted Sherrod DeGrippo, Senior Director of Threat Research at Proofpoint. “Video conferencing has become very popular very quickly. The message claims that the recipient needs to update their software in order to fix a security vulnerability - however once again, clicking the included link leads users to a phishing page where their details are harvested. However this also takes the victim to a fake Zoom page where their logins are again stolen.Ĭisco WebEx users were targeted by an email scam that claiming to be from the company, and using the correct logos and email domains. Also witnessed was an email claiming the recipient had missed a Zoom meeting, with the victim then told to click on a link to “Check your missed conference”.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |