Cisco Webex phishing attack wants to steal your logins
Cybercriminals are impersonating Cisco to steal Webex credentials
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybercriminals have launched a new series of phishing attacks which attempt to steal the account credentials ofCisco Webexusers by utilizing fake certificate error warnings.
Just as othervideo conferencing softwarehas seen a huge uptick in usage by remote workers during the pandemic, so to has Cisco’s video and team collaboration solution.
So far the campaign, which uses graphics and formatting taken from legitimate Cisco emails to impersonate the company, has already sent out phishing emails to up to 5,000 Webex users according to the email security firmAbnormal Security.
The attackers try to lure in users by inducing a sense of urgency in their phishing emails that are designed to closely resemble the automated SSL certificate error alerts that the company sends out to its customers.
Cisco Webex phishing attack
The phishing emails used in the campaign warn unsuspecting users that they need to verify their accounts as they are blocked by the administrator as a result of Webex Meeting SSL certificate errors. Users are then asked to click on an embedded “Log in” hyperlink in the message and sign in in order to unlock their accounts.
Abnormal Security provided more details on the link contained in the campaign’s phishing emails inan advisory, saying:
“The email includes a SendGrid link that redirects to a WebEx Cisco phishing credentials site hosted at “https://app-login-webex.com/”. The domain of this webpage has been recently registered by a registrar in the Czech Republic, and is not affiliated with Webex or Cisco more broadly. Attackers likely control this website and use it to steal user credential information.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Once the attackers have obtained a user’s Cisco Webex credentials, they could use this compromised account to launch additional attacks within their organization or even target external partners. This attack is particularly dangerous due to how well thephishing campaignhas managed to clone Cisco’s official emails in order to trick users into giving up their credentials.
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
How to turn off Meta AI
