"Phishing Scam Uses Zoom Invite to Steal Microsoft Outlook Credentials"

Armorblox researchers disclosed a phishing scam targeting a major North American online brokerage company where a victim started off on a legitimate Zoom and then ended up getting their Microsoft credentials stolen after landing on a fake Microsoft Outlook log-in screen. According to the researchers, the email attack evaded the native Microsoft email security controls because the malicious emails were detected as being from a safe sender to a safe recipient, or they were from an email source server on the "IP Allow List." The researchers noted that the email attacks replicated workflows used by most people every day. For example, most office employees use Zoom. Therefore, it is part of their routine to click "Start Meeting," especially because the emails from Zoom are all similar, and most users are accustomed to seeing them. Social engineering remains one of the greatest challenges that IT and security teams face. Although social engineering is not a new challenge, the threat actors behind such campaigns are becoming more advanced, thus making it more difficult for security professionals to identify and protect against attackers' malicious tactics. Threat actors know that social engineering is the most effective on communication channels such as social media, third-party messaging apps, and dating apps. Organizations that let employees use their own smartphones and tablets for work in a bring-your-own-device (BYOD) scenario are left more vulnerable to attacks since employees install both personal and work apps on those devices. This article continues to discuss the phishing scam that uses Zoom invites to steal Microsoft Outlook credentials and why social engineering will continue to be a problem for security teams. 

SC Media reports "Phishing Scam Uses Zoom Invite to Steal Microsoft Outlook Credentials"