Zoom phishing scam aims to steal login credentials | EasyDMARC

Zoom phishing scam aims to steal login credentials

4 Min Read

As individuals and businesses become increasingly reliant on video conferencing to stay connected during the Covid-19 outbreak, fraudsters have used the opportunity to target users with a malicious Zoom phishing scam.

The Zoom phishing scam begins with an email that impersonates a notification from the video conferencing platform. Thus, the email informs the recipient that they have recently missed a scheduled meeting. It encourages the user to click the link for more details and access a recording of the meeting.

By informing the user that the meeting has been missed, the Zoom phishing scam aims to provoke a sense of urgency and panic to encourage recipients to click on the malicious link, a key trait of many similar phishing scams.

Zoom scam alert: Never click on this kind of invitations

With more people working from home than ever before, it is likely that targets are more willing to trust such emails. As daily online meetings and video conferencing become part of the new normal for remote workers. In an effort to provoke further urgency, the message also states that Zoom will only keep the message for 48 hours, after which it will be deleted.


When the link has been clicked, recipients of the phishing fraud are directed to a fake Zoom login page which mimics a genuine Zoom sign-in page. However, this page requests the victim to log in using their work email credentials.

The instructions state: “Zoom now allows you to join and host meetings without signing up. Simply continue with your organization email login to proceed.“


Although the spoof login page mimics Zoom’s branding, the page contains red flags, such as an unusual URL, non-functioning links, and spelling mistakes in the instructions.

If an unsuspecting victim enters their enterprise login details, their credentials will be harvested and can then be sold on the dark web, held for ransom. Or used to compromise other accounts that may contain sensitive information.

Mashable’s report earlier this month found that more than 500,000 stolen Zoom accounts were being bought and sold on the dark web for as little as $0.002 per account. Some accounts, the report claims, are even being shared for free to be used for Zoom-bombing and other malicious activities.

Be aware of Zoom fake scams

Given the current situation, people regularly receive meeting notifications and invitations from various video conferencing software. In a recent announcement, Zoom founder and CEO Eric S. Yuan stated that the video conferencing platform according to this report surpassed 300 million daily Zoom meeting participants, many of them from enterprise users.

As such, the surge in video conferencing has created the perfect circumstances for opportunistic fraudsters to exploit those working from home. Also, read our article about 4 email security best practices to protect your organization in 2021.

Email security researchers say this particular attack has successfully found its way into more than 50,000 mailboxes.

With 90% of all data breaches caused by phishing, and according to  Valimail’s report 3.4 billion fake emails sent every day, users must remain cautious and vigilant. Despite the increasing sophistication of these emails, there are a number of ways to avoid falling for a phishing scam.

So don’t miss our article on how EasyDMARC protects against BEC?

How to Avoid Falling For a Phishing Scam

  • Never click on links or download attachments without confirming the source.
  • Verify the authenticity of links and pay close attention to URL addresses. Many bad actors will host landing pages on unrelated URLs.
  • Avoid logging in from the links provided in emails. Instead, log in directly to the requested website.
  • Always take time to think about a request for your personal information. And whether the request is appropriate.
  • Pay close attention to the spelling of an email or web page. If there are any inconsistencies, be cautious.
  • Ignore and delete emails with unexpectedly poor grammar and formatting.
  • Question the validity of any email that asks you to submit personal or financial information.
  • Use strong passwords to reduce the chance of phishing scam.
  • Consider the use of a password manager to maintain the security of multiple accounts.
Various authors from EasyDMARC teams have contributed to our blog during company's lifetime. This author brings everyone together.


Inline Feedbacks
View all comments

succees We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.

succees You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us