Email Phishing

Security Alert: Fake WebEx Invites Deliver Malware Instead

/in /by

A recent SCmasgazine post revealed a new phishing campaign that is masquerading as WebEx meeting invites. WebEx, headquartered in California, is a Cisco company that develops and sells web and video conferencing applications.

The scammers are sending convincing-looking email invites with meeting numbers, passwords, and times plus a “Join Meeting” button.

When users click the button, they are routed to a site and prompted to download the WebEx software. However, by abusing the Cisco Open Redirect protocol, the user is sent to a scam site instead, that downloads the WarZone malicious payload.

WarZone is a Remote Access Trojan (RAT) that can do several things, like execute commands, take over webcams, delete files, enable Remote Desktops, log keystrokes, and steal passwords.

Verify all WebEx invites you should receive and make sure they were sent legitimately. DO NOT blindly click the “Join Meeting” button!

 XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 460+ Petabytes of data with over 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause. Backup & Disaster Recovery | Business Continuity | Data Risk Assessment

You might also like
phishing victim Protecting your company from phishing attacks
ethernet-cables Phishers Using Bogus Emails
The key to education You Need More Than Simulated Phishes
Email Phishing Hackers Step Up Phishing Attacks
Security Article Roundup - Week Ending 10/06/17
American Football with fall leaves and pumpkins. Football Season The Best Offense is a Good Defense
Malicious Employee The Insider Threat
clipboard-server Ransomware - Information Held Hostage