Skip to main content

How to Protect Yourself from Zoom Phishing Attempts

Business woman looking at watch, worried about getting late to meeting

If you’re like the majority of the American workforce, you are familiar with collaborative and communications platforms like Zoom or Microsoft Teams. By now, you are comfortable with how they work; you know your way around the software, and you have experience navigating your way through a meeting. But do you know how to protect yourself from Zoom phishing attempts? You might be comfortable with this relatively new way of attending school classes, workplace meetings, or even social events with friends, but this ‘comfortable’ feeling is precisely what hackers will use in their next phishing campaign.

Everyone is familiar with the feeling of dread you get when you realize you were supposed to login for a meeting 10 minutes ago. Scammers will use this situation and the accompanying lack of good judgment to their benefit. You get an email that seems to be coming from Zoom to let you know that you’re late to a meeting. Conveniently, there is a link in the “Zoom email” for you to join the meeting. The link takes you to a familiar website. Remember? You’ve been here many times before. It looks just like the Zoom site. You enter your credentials and BOOM! You have just been the victim of a phishing scam. 

Another phishing scenario could go like this; you get an email, text or social media message that appears to be from Zoom. The message has the Zoom logo and says, "Your Zoom account has been suspended due to suspicious activity," along with a link to allow you to reset your password and reactivate your account. Or you might receive a message welcoming you to the platform and request that you click a link to activate your account. It seems legitimate, but you should ALWAYS be suspicious.

With this in mind, the BBB has three pieces of advice:

  1. Double-check the sender’s information. Zoom.com and Zoom.us are the only official domains for Zoom. If an email comes from a similar-looking domain that doesn’t quite match the official domain name, it’s probably a scam. Scammers have registered close to 2500 domain names including the word 'Zoom' or 'Teams' since the beginning of the year. Beware!
  2. Never click on links in unsolicited emails. Phishing scams always involve getting an unsuspecting individual to click on a link or file sent in an email that will download dangerous malware onto their computer. If you get an unsolicited email and you aren’t sure who it came from, never click on any links, files, or images it may contain. Don't be distracted!
  3. Resolve issues directly. If you receive an email stating there is a problem with your account and you aren’t sure if it is legitimate, contact the company directly. Go to the official website by typing the name in your browser and find the ‘Contact Support’ feature to get help. 

Think Before You Click. Don't fall victim to these attacks.

Contact us to discuss our cybersecurity resources and how we can help your business avoid cybercrime.

Keep Reading