Phishers Send Fake Zoom Thanksgiving Invites to Steal Email Credentials

Phishers Send Fake Zoom Invites for Thanksgiving

On the eve of Thanksgiving, there has been a surge in spam emails aimed at stealing email addresses and passwords. The perpetrators of this campaign are sending out fake invitations to Zoom video conferences and have created thousands of phishing pages, which have already been used to steal over 3,600 sets of email account credentials.

The fraudulent emails, which appear to come from Zoom, contain a link that supposedly allows recipients to view the invitation. Clicking the embedded button leads to a fake Microsoft registration page hosted on the appspot.com domain (owned by Google).

This landing page automatically displays the user’s email address and asks for their password. If the potential victim enters the requested information, their credentials, along with their IP address and geolocation data, are sent directly to the scammers.

Notably, the phishing page also checks the entered credentials in real time by attempting to log into the targeted account via IMAP.

As of November 26, BleepingComputer confirmed that more than 3,600 email logins and passwords have been stolen. Experts warn that the number of victims could rise due to the large number of phishing pages involved and the mass nature of the email campaign.

How to Protect Yourself

  • Do not click on links in suspicious emails without thinking.
  • If you accidentally land on a phishing page, close it immediately and ignore any prompts.
  • Links in legitimate Zoom invitations usually open the Zoom app, not a page asking for your password.
  • If you believe you have fallen victim to phishing, notify your organization’s IT department immediately and change your password.
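The link advice above can also be applied automatically at a mail gateway. The following Python check is an added example, not code from the article or from Zoom; it assumes the recipient's address travels in the link (the article does not say how the page pre-fills it), and the function names, the Zoom domain list and the sample message are constructed for illustration.

```python
import base64
import re
from urllib.parse import unquote, urlsplit

ZOOM_DOMAINS = ("zoom.us", "zoom.com")  # assumption: hosts accepted as genuine Zoom
SHARED_HOSTING = ("appspot.com",)       # hosting domain named in the article
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{12,}={0,2}")
# Constructed sample: the id value is base64 of the constructed alice@example.com
SAMPLE_BODY = ("Review invitation: "
               "https://constructed-example.appspot.com/view?id=YWxpY2VAZXhhbXBsZS5jb20=")

def host_in(host, domains):
    return any(host == d or host.endswith("." + d) for d in domains)

def carries_address(url, recipient):
    """True if the recipient's address is in the URL, plain or base64-encoded."""
    needle, text = recipient.lower(), unquote(url)
    if needle in text.lower():
        return True
    for token in B64_RE.findall(text):
        padded = token + "=" * (-len(token) % 4)
        try:
            decoded = base64.urlsafe_b64decode(padded).decode("utf-8", "ignore")
        except ValueError:  # token was not valid base64
            continue
        if needle in decoded.lower():
            return True
    return False

def review_links(display_from, body, recipient):
    """Return (host, reasons) for each link that trips at least two checks."""
    claims_zoom = "zoom" in display_from.lower()
    findings = []
    for url in URL_RE.findall(body):
        try:
            host = (urlsplit(url).hostname or "").lower()
        except ValueError:  # malformed URL, not scored here
            continue
        if host_in(host, ZOOM_DOMAINS):
            continue
        reasons = [label for hit, label in (
            (claims_zoom, "Zoom-branded mail links off Zoom"),
            (host_in(host, SHARED_HOSTING), "shared hosting domain"),
            (carries_address(url, recipient), "recipient address in URL"),
        ) if hit]
        if len(reasons) >= 2:
            findings.append((host, reasons))
    return findings
```

Requiring two signals keeps ordinary links to shared hosting, or a single off-brand help link, from being flagged on their own.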
