With many people working from home and meeting virtually, there’s been an uptick in spearfishing attacks.
On Gmail, the bad actor needs only your email address to send an invite that adds to your calendar by default. Then, you might click on what appears to be a meeting link, which actually takes you to a malware site.
Zoom has also become an attack vector. You get an invite to a meeting that asks you to login into Microsoft Outlook. You’ve done it so many times before, except this is a fake login page, and it’s set up to steal your access credentials.
Protect yourself
As with any other type of email scam, you need to be careful about the links you click. Some indicators to look for, which you can see in our opening example, include:
spelling mistakes;
urgent appeals;
poor phrasing;
suspicious links.
Email addresses, links, and domain name inconsistencies are more bad signs. Plus, be wary if something seems too good to be true (a free laptop?) or is an unusual request (transfer $1 million from the CEO’s account).
Want to know more? Click the article below
