Called to an urgent Zoom meeting with HR? It might be a phishing attack

Graham Cluley @gcluley

Called to an urgent Zoom meeting with HR? It might be a phishing attack

Bad enough that people have found themselves trying to work from home for the first time in their lives, perching their laptop on the end of the sofa.

Stressful enough that they’re having to remain productive while overseeing their kids attending remote school lessons, battling the frustrations of Google Classroom.

Challenging enough to keep the household something approaching sane whilst having a video conference call with those colleagues who haven’t been furloughed (yet).

Email Sign up to our newsletterSign up to Graham Cluley’s newsletter - "GCHQ"
Security news, advice, and tips.

With all this going on, you certainly aren’t going to feel good about an email arriving from your company’s HR team asking you to join a Zoom meeting immediately to discuss your Q1 performance with the topic “Contract suspension / Termination Trial”

That would be pretty ominous wouldn’t it?

As the researchers at Abnormal Security describe, computer users are being targeted with phishing emails that have adopted just that disguise.

Zoom phishing email c19

The risk, of course, is that employees working from home for the Coronavirus pandemic lockdown will all-too-quickly believe they have received a genuine invitation to a video meeting with HR, click on the link to a fake Zoom webpage, and hand their corporate email login credentials over to criminals.

Zoom phishing login

Remember – there is no legitimate reason for Zoom to ask for your email address password.

Don’t be too quick to click. Cybercriminals are exploiting the Coronavirus pandemic with social engineering techniques to trick unsuspecting users into clicking on malicious links.

Stay safe out there.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One Reply to “Called to an urgent Zoom meeting with HR? It might be a phishing attack”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.