Zoom account details targeted in latest cyber scam
Multiple scams aim to steal video conferencing logins
Top video conferencing software platforms are facing a number of new attacks from criminals looking to steal the login details of their users.
According to experts at security firm Proofpoint, services such as Zoom and WebEx have become popular targets for criminals, with a number of new scams emerging online in recent weeks.
The scams include phishing attacks that steal user login details, giving hackers access to a company's network to cause havoc and spread malware.
Zoom phishing
Proofpoint outlined multiple scams detected by its services in recent weeks as video conferencing usage has soared across the world due to the ongoing coronavirus lockdown.
This included a phishing email scam where a message entitled "Zoom Account" pretends to welcome a user to their new Zoom account. The victim is then encouraged to activate their account by entering their login details on a different landing page. However, this false site simply steals the information.
Also witnessed was an email claiming the recipient had missed a Zoom meeting, with the victim then told to click on a link to "Check your missed conference". However, this also takes the victim to a fake Zoom page where their logins are again stolen.
Cisco WebEx users were targeted by an email scam that claimed to be from the company and used the correct logos and email domains. The message claims that the recipient needs to update their software in order to fix a security vulnerability. However, once again, clicking the included link leads users to a phishing page where their details are harvested.
"Video conferencing has become very popular very quickly. Attackers have noticed and moved to capitalize on that popularity and brand strength," noted Sherrod DeGrippo, Senior Director of Threat Research at Proofpoint.
"Not only are attackers using video conferencing brands as a lure for malware, but they're using it for credential phishing, in particular to steal Zoom and WebEx credentials. This points to the increasing value of compromised video conferencing accounts. Stolen account credentials could be used to log in to corporate video conferencing accounts and violate confidentiality. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks."
Proofpoint is recommending users take caution when opening emails from contacts they do not recognise, and ensure their security protection is up to date with all the latest patches.
"We agree with ProofPoint that users across all services and technology platforms should be cautious with emails, links or files received from unknown senders, and that users should take care to only click on authentic links or open attachments to known and trusted service providers," Zoom said in a statement to TechRadar Pro.
"Zoom users should be aware that links to our platform will only ever have a zoom.us or zoom.com domain name. Prior to clicking on a link, they should carefully review the URL, being mindful of lookalike domain names and spelling errors."
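The URL review Zoom describes can be automated in a mail filter or link checker. The following is an added example, not code from Zoom, Proofpoint or the original article; the sample links are constructed, and requiring https and rejecting backslashes are assumptions of this example.

```python
from urllib.parse import urlsplit

# The two domains named in Zoom's statement.
ALLOWED_DOMAINS = ("zoom.us", "zoom.com")


def is_genuine_zoom_link(url: str) -> bool:
    """True only if the link's host is an allowed domain or a subdomain of one."""
    # Browsers treat "\" as "/" in https URLs while urlsplit does not, so a
    # backslash can make the two disagree about which host is being visited.
    if "\\" in url:
        return False
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any "user@" prefix and port, lowercases
    except ValueError:
        return False
    if parts.scheme != "https" or not host:  # assumption: plain http is rejected
        return False
    host = host.rstrip(".")  # "zoom.us." is the same name as "zoom.us"
    # Compare on a label boundary: "notzoom.us" and "zoom.us.example" must fail.
    # Exact ASCII comparison also rejects homoglyph spellings of "zoom".
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)


# Constructed sample links (not taken from the campaigns described above).
SAMPLES = [
    "https://zoom.us/j/1234567890",
    "https://us02web.zoom.us/j/1234567890",
    "https://ZOOM.com./signin",
    "https://zoom.us.account-verify.example/signin",  # real name used as a prefix
    "https://zoom.us@login.example/activate",         # real name in the userinfo part
    "https://zoorn.us/activate",                      # "rn" imitating "m"
    "https://notzoom.us/",                            # suffix match without a dot
    "https://z\u043eom.us/",                          # Cyrillic "o"
    "https://login.example\\@zoom.us/",               # backslash parser confusion
    "http://zoom.us/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "ok     " if is_genuine_zoom_link(link) else "SUSPECT"
        print(verdict, link.encode("unicode_escape").decode())
```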
Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.