Researchers at Abnormal Security have recently spotted an ongoing Office 365 phishing campaign that spoofs an official Zoom email address in order to impersonate a legitimate automated Zoom notification. The body of the email warns victims that their Zoom account has been disabled and urges them to click a button titled “Activate Account.” Clicking the button redirects users to a fake Microsoft login page hosted on a hacked website, which is then used to steal credentials. These credentials can then be sold or reused to gain more of a foothold in a network.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.