Tips to Avoid Social Engineering Attacks During Video Calls
Many organizations are still working remotely during this time, and the hackers are targeting people by spoofing popular video conferencing software, such as Microsoft Teams and Zoom. Video conference themed phishing attacks can come in all different types of disguises. For example, you may receive a phony welcome email that asks you to set up your new account or need to reset your password and it captures what you put in. Another is where you could receive an email claiming that you need to reschedule a missed meeting. Even as a more alarming example, you may receive a fake notice that your account has been suspended and you cannot join a meeting without first clicking the link the email.
No matter what tactics the hackers are trying to use, stay safe from video conference phishing scams by keeping in the mind the following tips:
Check the from and reply-to email address, watch out for red flags that stick out. These can include things like misspellings for example “Zooom” or “Teans”, as this is a common trick that is used by the scammers.
Keep the application updated to latest version, which might have the latest features or patch updates that could block potential vulnerabilities.
When you are asked to log in to an account make sure you know who it's coming from and only open from trusted sources. Sometimes it is better to not click on the link that is sent to you but go to the official website to log in. This will make sure you are at the right website and not a spoofed site where they can steal your information.
Double check to make sure the video conference matches up correctly, it is important to keep note of any video conferencing meetings that might have been missed, the times they are meant to be, and who they are meant to be with. Check for any inconsistencies that might be apparent to the user.
Without thinking do not click on a link within an email that you were not expecting.
Some extra settings that help protect meetings are, turn on the option to require a password to join, and turn on waiting room option.
Scammers will try to catch us off guard and it is important to be aware of these tips, so that we do not fall victim to another phishing scam. This will help not put yourself or your company at risk.