Click, Install, Compromised: The New Wave of Zoom-Themed Attacks (opens in new tab)

This blog explains how threat actors are evolving beyond traditional credential phishing by using convincing Zoom-themed social engineering attacks to trick users into installing ConnectWise ScreenConnect, a legitimate remote monitoring tool that can provide attackers with persistent remote access to compromised systems. The campaign uses realistic fake Zoom meeting pages, audio playback, and fraudulent software update prompts to persuade victims to execute a disguised VBS installer that sile...