We have warned you before that cybercrminals are exploiting the boom in remote worker brought on by the Coronavirus, and we will keep warning you, because this is a trend that likely isn’t going anywhere.  Now, hackers are using fake Zoom and WebEx emails to steal login credentials AND download malware.

While these phishing emails are far from groundbreaking, it still works on those who aren’t aware.  Like a welcome emails from “Zoom” or “Critical Update!” attention-grabbing emails from WebEx.  And, a new type of phishing campaign has been detected, that flips the script…

New Malicious Campaign

This campaign is less “phishing” and more “catfishing.”

Instead of pretending to be Zoom or Cisco, they pretend to be a potential client who asked for a quote.  They tell you they are available for a Zoom call and attach an Excel spreadsheet, masquerading as their schedule.  While it is a spreadsheet, and their might be a schedule, it’s actually filled with viruses that will run on your device if you allow it to enable the macros!  Once you enable them, the script installs a “remote control” app, which the bad actors then use to access your files and data at their leisure.

What Can You Do??

Take precautions.  NEVER open an attachment from a stranger.  EVER.  And specifically, don’t enable macros from an unknown sender.  If it seems to good to be true? It probably is.

Keep in mind, too, that hackers are targeting white collar US businesses with these kinds of campaigns, in the tech, healthcare and contractor sectors.  For more information on securing your home office, download our free Remote Security Checklist.  And, as always, you can call us at 919-422-2607 or schedule a free consultation with Craig.

Comments are closed.