Last week, it was reported through numerous sites about a phishing attempt targeting O365 users with a fake Zoom account suspension alert.
The fake alerts spoof an official Zoom email address that are designed to impersonate a legitimate automated Zoom notification and have landed in over 50,000 mailboxes. There are no grammar mistakes, which is paired with detailed Zoom-like graphics, making it look legitimate enough to be believed.
The victims are informed that they will not be able to join any calls and meetings until they re-activate their accounts and that they need to click the “Activate Account” button. However, it redirects the recipients to a fake Microsoft login page through a hijacked website. The landing page asks the victim to enter their O365 credentials.
Other phishing scams reported to abuse@uthsc.edu this week:
- “We have charged to $299” – This phish was letting the person know that their 1-year subscription to Windows Defender had ended and “the account” had been charged. The person is supposed to call a phone number “within 2 days” to get it resolved. Windows Defender is part of the Windows Operating System and is not an add-on fee!
- Dr. Marie Chisholm-Burns was the spoofed Dean of the week. Emails coming from a Gmail account was asking if people were available to buy gift cards.
- PRIVATE REQUEST – Phishing scam wanting to give the user $17,500,000 dollars to the less privileged. Just give me your banking information so I can transfer the money.
- DONATION – like the one above, a mega jackpot winner wants to share his $768 million winnings. Just email back your acceptance of your share.
Report any suspicious UTHSC communication to abuse@uthsc.edu. We can investigate and let you know if it is a phish or a legitimate email.
Stay safe everyone!