Phishing Email Scam: Zoom Meeting Invite

Phishing Email Breakdown 

This email invites the recipient to click a link to access a file for a Zoom meeting. The link directs the user to a fake Zoom website, which claims the Zoom client needs to be updated and prompts them to download a malicious program that pretends to be the Zoom client. Once downloaded, the program itself is malware that compromises the device and potentially grants attackers’ unauthorized access. 

Visual Example of the Phishing Email 

Full Text from the Phishing Attempt 

{user} invited you to access a file 

{meeting code and password} 

ZOOM MEETING INVITE

How to Protect Yourself? 

1. Verify the Sender: Always verify the identity of individuals claiming to be someone important, especially if the message seems out of the ordinary and asks for personal information. 
2. Avoid Clicking on Suspicious Links: Hover over or copy the link to view the complete domain name. Scammers often create URLs that resemble authentic ones by inserting subtle misspellings or extra characters. If the link looks suspicious, it’s safer to visit the official website directly or use a reputable search engine to find the correct webpage. 
3. Review Grammar and Punctuation Carefully: If a message is filled with spelling mistakes, inconsistent sentence structure, or odd phrasing, it may indicate a phishing attempt. 

Important Notes: 

1. Report Suspicious Messages: Reporting phishing attempts helps prevent others from falling victim to these attacks. Send suspicious messages to is-spam@mcmaster.ca for review and investigation. 
2. Educate Yourself: Learn about common phishing tactics. Consider participating in the Information Security Training Program to protect against cyber threats and secure your digital world.