Security News > 2022 > October > Phishing attack spoofs Zoom to steal Microsoft user credentials

Phishing attack spoofs Zoom to steal Microsoft user credentials We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships.

That's exactly the case with a recent phishing campaign analyzed by security firm Armorblox in which the attacker spoofed Zoom in an attempt to compromise Microsoft user credentials.

Displaying the Zoom name and logo, the email itself claimed that the person had two messages waiting for their response.

Sent from a valid domain, the initial phishing email evaded Microsoft Exchange email security controls as it was able to pass the usual email authentication checks, including DomainKeys Identified Mail, Sender Policy Framework, and Domain-based Message Authentication Reporting and Conformance.

The email described in the report snuck past Microsoft security defenses, a sign that you need to supplement your native email security with stronger and more layered tools.

Also See Share: Phishing attack spoofs Zoom to steal Microsoft user credentials.

News URL

https://www.techrepublic.com/article/phishing-spoofs-zoom-microsoft/