Scammers come up with a new scheme to steal money through Zoom

Scammers come up with a new scheme to steal money through Zoom

Scammers come up with a new scheme to steal money through Zoom – Attackers have come up with a new scam amid the popularity of Zoom's video conferencing service. Group-IB, a cybersecurity company, told Forbes.

Using the scheme, scammers sent letters to Zoom users with an offer to go to phishing sites under the pretext of paying “coronavirus compensation”. Their amount ranged from 35 thousand to 250 thousand rubles. In this case, it was also necessary to pay 1 thousand rubles. “For legal assistance in filling out the questionnaire.” At this step, users usually entered the card details, including the CVV code, and money was debited from it.

Analysts found that the letters were not sent from a fake domain, but officially from the service. This became possible due to the fact that the Zoom registration form has fields for entering the first and last name with the ability to score up to 64 characters there. Fraudsters entered into this field the inscription “You are entitled to compensation in connection with COVID-19” with a link to the fraudulent website.

“Since the letter was sent from an official service, the attackers not only receive a guarantee of delivery of letters to the addressees, but also that some of the deceived users will click on the link specified in the profile and go to the fraudulent website,” explained the deputy head of the 24/7 security CERT-GIB Yaroslav Kargalev.

With the onset of the coronavirus pandemic and the transition to remote work, the popularity of video conferencing services has skyrocketed. In March, the number of Zoom users, according to his data, increased 20 times, to 200 million members. But with the growing popularity of the service, the number of scams has also increased. So, since the beginning of the year, about 15.3 thousand domains containing the name Zoom have appeared, CERT-GIB reported.

The text was prepared by Yana Shebalina

Leave a Reply

Your email address will not be published. Required fields are marked *