Pretext

Missed Zoom Meeting

Zoom users receive an email stating they missed a meeting and are provided a link to view the missed meeting information.

Methods
phone email sms voicemail chatbot physical
Payloads
doc docx xls xlsx ppt pptx pdf hta exe bat zip xss csrf click-once phishing page ole drive-by-download usb drop cloud hosted file
Goals
cred harvest malware physical access info gather bec
Description

Zoom users receive an offical-looking, automated, HTML-based email from Zoom or their Zoom account administrator stating they missed a meeting. In the email, Zoom provides the victim a link to learn about the meeting they missed. This link goes to a phishing page designed to capture the user's Zoom credentials.

Example Email(s)

Source: https://www.proofpoint.com/us/threat-insight/post/remote-video-conferencing-themes-credential-theft-and-malware-threats

Example Payload Ideas

Fake Zoom login page designed to capture user credentials.

Analysis

Missing a work meeting that you did not know about is likely to cause stress and will prompt you to immediately look into what you missed. You don't want to give your boss a reason to get upset with you!

Resources