The emails are designed to look exactly like real Zoom meeting alerts, using Zoom’s branding and urgent subject lines like “Missed Zoom Call” or “Urgent Meeting Request.” These tactics pressure users to click quickly without thinking.
Once a person clicks the link, they’re taken to a fake Zoom page that looks like a real meeting is about to start. The page even shows a pre-recorded video of people in a conference call, making it seem like coworkers are waiting. This adds pressure to log in immediately.
But when users try to log in, their credentials are stolen.
Cybersecurity researchers from SpiderLabs uncovered the scam on May 19, 2025. They say it’s a step up from older phishing attacks because it uses video to make the fake meeting seem more realistic.
The attack goes through five stages:
• A fake Zoom email is sent.
• The user clicks the link and lands on a page that looks like a Zoom loading screen.
• A video plays, showing what looks like a real meeting.
• The user sees a fake disconnection message.
• A login screen appears and captures the user's Zoom login info.
Hackers are using several domains to host the fake pages and are sending the stolen data through Telegram's API, which makes the theft harder for security systems to detect.
Experts warn users to double-check meeting invites and avoid clicking links in suspicious emails. If unsure, it’s best to join meetings directly through the official Zoom app or website.
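As an added illustration (not from SpiderLabs or the original article), the sketch below scans egress proxy logs for Telegram Bot API calls that carry a Referer from a non-Telegram web page, which is how the exfiltration described above would surface if the phishing page calls the API from the victim's browser (an assumption). The log format, sample lines, `.example` domains, bot tokens and function names are constructed for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Telegram Bot API calls look like https://api.telegram.org/bot<token>/<method>
BOT_CALL = re.compile(r"^/bot(?P<token>\d+:[\w-]+)/(?P<method>\w+)$")
TELEGRAM_SITES = ("telegram.org", "t.me")  # referrers treated as legitimate (assumption)

# Constructed proxy log, one request per line: time|client|method|url|referer
SAMPLE_LOG = """\
2025-05-19T09:14:02Z|10.0.4.17|GET|https://zoom-invite.example/join|-
2025-05-19T09:14:41Z|10.0.4.17|POST|https://api.telegram.org/bot123456789:AAExampleTokenValue/sendMessage|https://zoom-invite.example/
2025-05-19T09:20:10Z|10.0.7.3|GET|https://api.telegram.org/bot987654321:BBExampleTokenValue/sendMessage?chat_id=1&text=x|https://meeting-portal.example/
2025-05-19T09:31:55Z|10.0.2.9|POST|https://api.telegram.org/bot555555555:CCExampleTokenValue/getUpdates|-
2025-05-19T09:40:00Z|10.0.2.8|GET|https://web.telegram.org/k/|https://telegram.org/
"""

def find_browser_bot_calls(log_text):
    """Return Bot API requests whose Referer is a non-Telegram web page."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split("|")
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, client, _method, url, referer = parts
        target = urlsplit(url)
        m = BOT_CALL.match(target.path)
        if target.hostname != "api.telegram.org" or not m or referer == "-":
            continue  # not a Bot API call, or no web page behind it
        ref_host = urlsplit(referer).hostname or ""
        if any(ref_host == s or ref_host.endswith("." + s) for s in TELEGRAM_SITES):
            continue
        hits.append({"time": ts, "client": client, "page": ref_host,
                     "bot_id": m["token"].split(":")[0],  # keep the id, drop the secret
                     "api_method": m["method"]})
    return hits

def clients_by_page(hits):
    """Group affected clients by the host of the page that made the call."""
    out = defaultdict(set)
    for h in hits:
        out[h["page"]].add(h["client"])
    return dict(out)

if __name__ == "__main__":
    for hit in find_browser_bot_calls(SAMPLE_LOG):
        print(hit)
```

Grouping hits by referring host surfaces each hosting domain separately, and any client listed should be treated as having submitted credentials.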
Source: Cyber Security News