Researchers at Abnormal Security have recently spotted an ongoing Office 365 phishing campaign that spoofs an official Zoom email address in order to impersonate a legitimate automated Zoom notification. The body of the email warns victims that their Zoom account has been disabled and urges them to click a button titled “Activate Account.” Clicking the button redirects users to a fake Microsoft login page hosted on a hacked website, which is then used to steal credentials. These credentials can then be sold or reused to gain more of a foothold in a network.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security