Security Alert: Fake WebEx Invites Deliver Malware Instead

A recent SCmasgazine post revealed a new phishing campaign that is masquerading as WebEx meeting invites. WebEx, headquartered in California, is a Cisco company that develops and sells web and video conferencing applications.

The scammers are sending convincing-looking email invites with meeting numbers, passwords, and times plus a “Join Meeting” button.

When users click the button, they are routed to a site and prompted to download the WebEx software. However, by abusing the Cisco Open Redirect protocol, the user is sent to a scam site instead, that downloads the WarZone malicious payload.

WarZone is a Remote Access Trojan (RAT) that can do several things, like execute commands, take over webcams, delete files, enable Remote Desktops, log keystrokes, and steal passwords.

Verify all WebEx invites you should receive and make sure they were sent legitimately. DO NOT blindly click the “Join Meeting” button!

 XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 460+ Petabytes of data with over 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause. Backup & Disaster Recovery | Business Continuity | Data Risk Assessment