Fake Vanity URLs on Zoom and Google
URL spoofing enables targeted social engineering attacks. Varonis warns against fake vanity URLs on Zoom and Google. Varonis Threat Labs have discovered vulnerabilities in Zoom, Box and Google Docs that allow cybercriminals to easily forge invite URLs. As a result, phishing links appear trustworthy even for trained employees, which significantly increases the likelihood of a successful attack: If they click on the link of their supposed employer, customer or partner, they will be taken to a phishing page that looks authentic and where they can be found should reveal sensitive data such as passwords and personal information. Depending on the social engineering technique, this information appears to users...