Police warn Zoom users about new email scam

Kingston Police are warning Zoom users about fake emails telling them their account has been suspended. The scam convinces people to reveal details such as their login credentials, potentially putting both their personal privacy and their employer’s network at risk.

The group video conferencing app Zoom has surged to popularity this year, as millions of workplaces closed their doors and asked employees to ‘meet’ from home. In March 2020, Zoom recorded a over 200 million virtual meetings in a single day.

“If you were suddenly notified that your Zoom account had been suspended, how eager would you be to resolve the problem?” asks a release from Kingston Police. “Scammers assume you’ll be quick to respond. In fact, they hope you won’t think twice about it.”

Police say the phishing scam spoofs an email notification from Zoom. The email claims that a Zoom user’s account has been suspended, and that an “Activate Account” button in in the email must be clicked to resolve it.

Once a recipient clicks the button, Police say the user is brought to a convincing login page, styled after Microsoft.

“If you enter your details on this page, this information will be sent directly to the scammers,” Kingston Police warn. “These scammers could use your login credentials to gain access to your company or organization’s network, and sensitive information.”

Kingston Police offer the following tips to protect against the scam:

• Never click on a link within an email that you weren’t expecting.
• Remember that email addresses can be spoofed. Even if the email appears to be from a familiar organization, it could be a phishing attempt.
• When an email asks you to log in to an account or online service, log in to your account through your browser—not by clicking the link in the email. That way, you can ensure you’re logging into the real website and not a phony look-a-like.

“Stop, look, and think,” Kingston Police warn. “Don’t be fooled by the scammers.”