Since March 27, 2020, Software company Proofpoint researchers have observed an increase in video conferencing company-themed attacks seeking to steal credentials and distribute malware
These lures capitalise on the global workforce’s shift to remote work and consequential increased demand for video conferencing services during the COVID-19 pandemic.
To note, these attacks do not leverage or attack video conferencing software directly. Threat actors are using the names and brands of these video conferencing companies as themes in their social engineering lures, which lead to the theft of various account credentials, malware distribution, or credential harvesting for these spoofed video conferencing accounts.
Emile Abou Saleh, regional director, Middle East and Africa at Proofpoint, said, “Video conferencing has become very popular very quickly, in the Middle East, as well as globally. Attackers have noticed and moved to capitalise on that popularity and brand strength.
“Not only are attackers using video conferencing brands as a lure for malware, but they’re using it for credential phishing, in particular to steal Zoom and WebEx credentials. This points to the increasing value of compromised video conferencing accounts. Stolen account credentials could be used to login to corporate video conferencing accounts and violate confidentiality. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks.”
