Zoom Phishing Attack

With more people working from home and outside of an office environment, it is much easier to fall into a false sense of security. 

Please be vigilant to emails that you do not expect to receive. Currently, many people are using applications outside of Office 365, such as Zoom to stay in touch with friends, family and colleagues. If you receive an invitation to join a Zoom call that you are not expecting, please delete it and do not click on any links. Most invitations will advise you of the contact who has sent the invite to you. If you are the only name in the email, please delete it.  

An easy way to tell if the email is spam or a phishing attack (where malicious users attempt to obtain your login credentials) is to check the email address it is sent from. For example, if you received a legitimate email from the government, it would look like user@gov.uk. A spam email might look like user@go.v.u.com 

Here’s an example of a current phishing attempt:

The email address is displayed as:  

Zoom.Video.Communications.user.name.info.oomvideoconference-communications@o.pfr.orbufw.com 

If you have any questions about this, please contact our team for clarity.