Australians have been warned against opening this particular Zoom invite, which could give hackers access to their personal data.
An email from the display name “Zoom Video Communications” and titled “Zoom Video Conferencing invitation Wednesday, May 13, 2020” was intercepted by MailGuard, and found to have originated from multiple randomly generated email addresses hosted on amazonses.com.
The body of the message informs recipients that they have been invited to a video conference via Zoom, and a button is provided to “review the invitation”.
From there, those who click to review will be taken to a fake Microsoft-branded login page, and are asked to “sign into Zoom with your Microsoft 365 account”.
Then, users who log in will be asked to put their password in due to a “sign in attempt timeout”.
Users are then led to a page that says “this video conferencing has been cancelled”.
MailGuard has advised all recipients to “delete these emails immediately” without clicking any links, and to alert your social media network of the scam.
If you look closely however, it’s clear the email is a scam.
The pages aren’t hosted on a Microsoft or Zoom domain, and all the email addresses used in the “from” field of the email aren’t from a familiar domain.
“This is a good example of how cybercriminals are leveraging on the uncertainty posed by the recent COVID-19 outbreak and its implications on the way we communicate and work,” MailGuard stated.
“With Zoom increasingly becoming a popular videoconferencing app among businesses, it is not uncommon for professionals to receive an email like this in their inbox who might click on it thinking it is a legitimate invitation for an upcoming business meeting.”
Are you a millennial or Gen Z-er interested in joining a community where you can learn how to take control of your money? Join us at The Broke Millennials Club on Facebook!