Fake Zoom Link Delivers Malware

March 2, 2025

This latest crypto crime uses phishing and a malicious, fake Zoom link to steal cryptocurrency. With just one click, unsuspecting targets find their crypto accounts drained by a devious cyberattack. Here’s more of what you need to know about this new and sophisticated crime.

Opportunity Strikes

This scam uses a socially engineered approach by targeting specific “high value” individuals. Phishing is the first move, offering victims a totally bogus opportunity that sounds too good to pass up. The scammer uses high pressure tactics, insisting they meet on Zoom to seal the deal. Agreeing to the Zoom meeting turns this lure into a crime.

The attacker includes a bogus Zoom URL link for the meeting and the victim has no clue it’s full of malware. Once clicked, it shows a loading and other screens that look Zoom-legitimate. But what’s really loading is malware concealed as the Zoom installer. While waiting for the Zoom link to finish installing, the malware starts stealing information from the victim’s device.

There’s no limit to what this malware steals, including crypto accounts, PII, and whatever else it can. Since the attacker encrypts the malware first, it’s even likely to get past anti-virus protection. So, what can you do to avoid becoming the next Zoom victim?

Safe Zoom-ing

Clicking on links sent by others is never a cyber-smart idea, especially if you don’t know or trust the person sending it. If you already have Zoom installed, you never need to reinstall it, especially just to have a meeting. In reality, you can use Zoom directly from your browser without installing it at all. So, if someone tells you that you absolutely MUST install it, consider it a big old red flag.

Remember that if an offer or “deal” sounds too good to be true, consider it too good to be true and opt out of participating.

Like most cybercrimes today, they keep rising to new levels of success. Using Zoom to pull-off this scam is new, but since it works well, we can plan on seeing more of it. The next time someone sends you a Zoom link for any reason, remember, one click is all it takes to zoom in on a lot of trouble.

Always examine the domain of any link. If the Top Level Domain is not the official domain of the company represented in the link, it more than likely is a malicious link.

Mobile Security

There Is Plenty Of Phishing On Online Apps--Don't Get Hooked

A recent documentary aired on subscription streaming service, Netflix, that highlighted how difficult it is to detect when someone is trying to take advantage of human nature and kindness. You may have seen it. It has been discussed on various media and it may be difficult to watch. But it is yet another example of how criminals use social engineering and trust to get what they want. One interviewee tells the story of how she met a guy that matched and swept her off her feet and swept her bank account clean. READ FULL STORY

Scams & Phishing

Wanted! Nighttime Bandit Steals PII Using Google Ads

Users that are searching for popular software have recently become the targets of malvertising which leverages Google Ads to install Trojan versions of Raccoon Stealer and Vidar. These malware versions are sneakily hidden within Google advertising…you know; those advertisements you see on the side of your browser window or plastered all over social media. This bandit, if clicked, will then proceed to install malware on your device. Guardio Labs has dubbed this "MasquerAd." Clever, isn't it? READ FULL STORY

Corporate Security

Russian-Backed Attackers Spear Phish U.S. Car Company

Spear phishing attacks by a notorious Russian-backed threat group were launched against a large U.S. car manufacturer, who is currently unnamed. The group known as FIN7 used the highly targeted phishing campaign to attack IT department employees and others with top levels of system access. In this latest attack, FIN7 directly targeted IT employees and those in upper levels of the company, using targeted phishing and a typosquatted website. READ FULL STORY

Scams & Phishing

A Whale of a Hack-Targeting High-Level Execs Through Azure

According to Proofpoint, a recent phishing campaign exploits Microsoft Azure, a cloud computing platform specializing in the business community. Data privacy, collaboration, and disaster recovery are just a few benefits of using this cloud. As such, hackers are using Azure to phish a range of high-ranking employees and whales, from CEO's and Vice Presidents to Finance and Account Managers. There's an ongoing malicious campaign targeting them. READ FULL STORY

Education

Top Phishing Scams Continue To Improve And Grow

Much to our dismay, cybercrooks keep finding ways to better the phishing tools they have and find other ways to include new and sneakier methods of thievery. Organizations and individuals are targets and money, identities, credentials, and more are stolen from both every day. Even cyber-savvy users can get caught in phishing scams if they don’t pay close attention to the signs and signals that something isn’t quite right. Reviewing the most pervasive phishing scams is always recommended. READ FULL STORY

Email Address

Create a new Verification Phrase Enter any word or words you like.
The email newsletter will arrive from news@stickleyonsecurity.com Please wait...