Security News > 2020 > December > Zoom Impersonation Attacks Aim to Steal Credentials
The Better Business Bureau warned last week that the attack uses Zoom's logo, and in a message tells recipients that their Zoom accounts were suspended and to click a link to reactivate; or that they missed a Zoom meeting, and to click a link to see the details and reschedule.
Another recent variant of the attack has been a message welcoming some recipients to the platform and requesting they click on a link to activate the account, said the BBB. In all cases, victims are taken to a phishing landing page, where they are asked to input their Zoom credentials.
A database shared on an underground forum in April contained more than 2,300 compromised Zoom credentials.
Compromised Zoom credentials could give cybercriminals access to web conference calls, where sensitive files, intellectual property data and financial information are shared.
Attackers can also use these types of compromised credentials to launch denial-of-service attacks, also known as "Zoom bombing." Despite the FBI cracking down on Zoom-bombing earlier this year, the practice continues to plague Zoom users, with a recent Thanksgiving Zoom-bombing attack that was labeled "TurkeyBombing."
News URL
https://threatpost.com/zoom-impersonation-attacks-credentials/161718/
Related news
- Retail chain Hot Topic hit by new credential stuffing attacks (source)
- Roku warns 576,000 accounts hacked in new credential stuffing attacks (source)
- Okta warns of "unprecedented" credential stuffing attacks on customers (source)
- Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks (source)
- Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks (source)