Zoom Users Under Threat Once Again, Phishing Campaign Aims to Steal Zoom Credentials: Report

Zoom users are getting phishing emails, asking them to login with their credentials on fake websites.

Advertisement
By Vineet Washington | Updated: 22 April 2020 12:49 IST
Highlights
  • Zoom users may be under threat of phishing emails
  • These emails ask users for their credentials
  • Hackers are targeting Zoom users owing to the massive userbase

Zoom phishing emails seem to link users to a “spoof page”

Photo Credit: Proofpoint

Zoom is a rapidly growing video conferencing service that is being used by more than 200 million users. But the service has been in the news for all the wrong reasons, including security flaws and vulnerabilities. Now, another threat to Zoom users has been reportedly spotted. Hackers are using credential phishing emails to gain access to Zoom users' account details. According to a report, hackers are targeting individuals and businesses in the transportation, manufacturing, technology, business, and aerospace sectors in the US.

Owing to the ongoing coronavirus pandemic, offices, schools, and other organisations have switched to video conferencing as a means of communication. This has led to the massive increase in user base for services like Zoom.

Advertisement

In an analysis published by Proofpoint, it was found that credential phishing is being used to gain access to user account details. Phishing is the process of deceiving and luring users into sharing their account details.

The report states hackers are using emails to target multiple sectors in the US. The emails seems to come from an “admin account” like “Rouncube Admin” or "admin@servewebteam[.]gq" and contains the subject line “Zoom Account.” The body of this mail seems to welcome users to Zoom and gives them a link to activate their account. This link takes the user to a “generic webmail landing page” where they are asked to enter their credentials.

Advertisement

Phishing email comes with subject line "Zoom Account"
Photo Credit: Proofpoint

Advertisement

 

Another phishing email discovered by Proofpoint tries to lure Zoom users with a “missed meeting” message. The mail claims that the user has missed a Zoom meeting and gives a link through which the recipient can check their missed conference. Clicking on the link takes the user to a Zoom page that looks quite official but, Proofpoint claims it is a “spoofed Zoom page.” The user is asked to enter credentials here.

Advertisement

The mail can state user has missed a Zoom meeting
Photo Credit: Proofpoint

 

A smaller campaign targeting manufacturing, industrial, marketing/advertising, technology, IT and construction companies tries to infect users with ServLoader/NetSupport remote access Trojans. The mail thanks the recipient for responding to a fake RFQ (Request for Quotation) and offers to have a Zoom call. The subject line in these mails can be “[Company] Meeting cancelled - Could we do a Zoom call”, “[Company] - I won't make it to Arizona - Could we talk over Zoom?”, “The [Company] - I won't make it to Tennessee - Can we talk over Zoom?”, and other variations.

Phishing email aims to distribute the ServLoader/NetSupport remote access Trojans
Photo Credit: Proofpoint

 

It was also found that a large agricultural firm was sent an attachment that required it to “enable macros” after which a ServLoader PowerShell script is executed and that installs NetSupport, a remote-control application.

With most of the people using video conferencing as a means of communication during the ongoing coronavirus pandemic, the threats against their privacy and security seem to be increasing. However, it should be noted that this latest threat is not Zoom's fault in particular.

 

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Zoom, Credential Phishing
Advertisement

Related Stories

Popular Mobile Brands
  1. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot
  2. Pixel 11a Codename Appears in Google's Phone App: Report
  3. Here's When the Poco M8 Power, Poco X8 Could Launch in India
  4. Samsung Galaxy S25 May Get This Advanced Video Stabilisation Feature With One UI 9
  5. Here's How Much the iQOO Z11 Lite Could Cost in India
  6. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  7. Chromebook or Windows Laptop: Which Is Right for You?
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.