Skip to Content
Don't open that strange Zoom invitation. It could be part of this elaborate phishing scheme
© Vadym Pastukh | Dreamstime.com
Security & privacy

That Zoom invite might be a clever phishing trick – Red flags to watch for

Even though people are returning to work in their offices, video conferencing is still common. We’ve been bitten by the video chat bug and regularly have virtual meetings with coworkers and chat with loved ones and friends through webcams and smartphones.

Did you know you can have a Zoom meeting through your TV? One method is to connect a laptop to your TV through an HDMI port. There’s an easier way, however. You can use screen mirroring to connect your smartphone to your TV without the need for extra equipment. Tap or click here and Kim will tell you how it’s done.

But if you’re a regular Zoom user, be careful. An elaborate phishing scheme is making the rounds and could already be in your inbox. Keep reading to find out how to avoid falling victim.

Here’s the backstory

Zoom is massively popular for video conferencing, so it’s no surprise that cybercriminals exploit it to target victims. Armorblox detailed a cyberattack targeting a major online brokerage in a recent blog post. It was initiated via email and was sent to about 10,000 inboxes.

The email was titled, “[External]Zoom Meetings 11:00 AM Eastern Time [US and Canada],” and the body contained the message, “Your participants have joined you in a meeting.” There’s also a button to join the meeting.

Clicking on the link brings you to a fake Microsoft Outlook login page. Enter your credentials and they’re sent to the crooks.

The malicious email bypassed Microsoft’s security controls and was determined to be from a safe sender. Last year we reported on similar attacks involving fake Google Meet links.

This type of phishing attack is especially dangerous since the message appears to come from a trusted organization. It’s become instinctual for some to join a meeting via an email invite.

How to protect yourself from phishing attacks

Exercise caution when receiving any links through your email or text messages. You can take many more steps to avoid falling victim to phishing scams. Here are some tips:

  • Don’t click on links and attachments that you receive in unsolicited emails.
  • If the message gives you a sense of urgency, delete it.
  • Spelling and grammar errors are big red flags.
  • Use two-factor authentication and password managers for better security.
  • Keep your operating systems, apps and devices updated with the latest official software and patches.
  • Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

How to easily turn your smartphone camera into a full-featured webcam

5 things you didn’t know your smart TV could do

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me