Phishing Campaign aims to steal Zoom credentials using fake layoff notifications

Be advised that there is an active campaign targeting Office 365 users.  It attempts to convice the message recipients that they are about to be laid off from their jobs, and then get them to follow a malicious link to what is supposed to be a message from their HR department. 

It was noted that the phishing messages being sent are very convincing as they mimic the Zoom meeting invitations exactly.  This is the same with landing page, as it duplicates the Zoom login page, although the only functionality on the page are the login fields used to steal credentials.

For more information, see

Published on  and maintained in Cascade.