Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
A cruel new phishing scam arrives in your email inbox reminding you of an "emergency" company Zoom meeting that's due to start in only a few minutes. Why should you join in? Because the email says you might be getting fired.
Researchers at Abnormal Security discovered this ruse and shared a sample email message, which calls itself an "Offer Letter Review Meeting" and pretends to come from your employer.
- Zoom privacy and security issues: Here's what's wrong so far
- Zoom 5.0 is out now: How to upgrade and what's new
- Just in: Surprise report says Zoom is safer than FaceTime
"Your presence is crucial to this meeting and equally required to commence this Q1 performance review meeting," the body of the email says. The stated purpose of the meeting: "Contract Suspension/Termination Trial."
Yeah, we'd click on that pretty quickly too. It just so happens there's a handy text link right in the body of the email to "Join this Live Meeting." That link takes you to what appears to be the Zoom login page, but it's in fact a perfect fake with a URL that's different from the real URL at "https://zoom.us/signin".
If you enter your Zoom credentials, then your credentials become the bad guys' credentials, and they'll have full access to your Zoom account as well as to any other account with which you used the same username and password. (Don't reuse passwords, and use one of the best password managers.)
You won't get access to Zoom by logging into this page, and as Abnormal Security points out, you might think there was an error and enter your credentials a second time.
How to avoid this phishing scam
Abnormal Security found this scam campaign using Microsoft's Office 365 email services, but in fact this could happen on almost any email platform.
To avoid falling for such phishing scams, the easiest thing to do is to not click on links within emails and, failing that, to check where a weblink takes you by hovering your mouse pointer over it before clicking to display the destination URL.
The urgency of this phishing email is designed to make you forget such safeguards, however. And we have to confess that a similar phishing email fooled us a couple of years ago. The only thing that saved our bacon was that we happened to have one of the best antivirus programs installed -- it blocked our browser from displaying the phishing page.
