Scammers steal your cryptocurrencies through a fake Zoom link

Scammers steal your cryptocurrencies through a fake Zoom link

Scammers are back in action, and their latest tactic involves a deceptive link to a website that closely resembles the Zoom video conferencing platform.

After what seems like a harmless installation, malware can take control of your device, allowing hackers to drain your cryptocurrency wallet rapidly.

They are already using Zoom

A new piece of malware is targeting users of the cloud-based video conferencing service Zoom. The malware redirects users to a website that almost perfectly imitates Zoom’s official page. This is why it is crucial to stay vigilant; your investments could be at risk!

The malicious site, discovered by cybersecurity engineer “NFT_Dreww” on July 22, closely resembles the authentic Zoom video call link. According to Drew, fraudsters have already stolen $300,000 worth of cryptocurrency using this method.

How the scam operates

According to NFT_Dreww.eth, the scammers’ methods resemble established techniques. They initially approach potential victims, typically whale investors or NFT collectors, posing a series of persuasive questions such as whether they wish to become an angel investor or join their team.

Victims will then be invited to a Zoom meeting or offered a partnership opportunity. However, they provide a malicious link that appears to be a legitimate Zoom meeting.

Once the targeted individual clicks on the link, it takes them to a page resembling Zoom and gets caught in an endless loading loop. The page subsequently instructs the user to download and install a file named “ZoomInstallerFull.exe,” which is malware.

During the download process, the software appears legitimate, as users even agree to the terms of use. This allows the harmful software to be installed on the device without detection.

It then adds itself to Windows Defender’s exclusion list, preventing the antivirus from detecting it. After this, it starts collecting the victim’s information. Once it finishes, it redirects the user to the main Zoom page, creating the illusion that everything has functioned correctly.

According to the cybersecurity expert, the perpetrators frequently change the domain names hosting the malicious website, making tracking or blocking them more difficult.

Protect your investments

Given the rising incidence of scams, users are urged to exercise extreme caution when clicking on any link, even if it appears to come from a trusted source. Investors and NFT holders should also be vigilant about unexpected messages, especially those related to investment opportunities or partnership requests.

For further reading, click here to learn how to protect your phone from hackers. These recommendations were provided by a security firm, as applications on your phone and incoming messages may harbor harmful viruses that hackers can exploit to gain access to your device.

Scammers steal your cryptocurrencies through a fake Zoom link

Scammers are at it again, and their latest weapon is a malicious link to a website that looks almost exactly like the Zoom video conferencing platform.

After a seemingly innocuous installation, malware can overwhelm your device and hackers can empty your crypto wallet in no time.

They Already Use Zoom

A new malware is targeting users of the cloud-based video conferencing platform Zoom. The malware redirects users to a website that looks almost exactly the same as Zoom’s page. That’s why it doesn’t hurt to pay attention, because your investment could suffer!

The malicious website spotted by cybersecurity engineer “NFT_Dreww” on July 22 bears an uncanny resemblance to the original Zoom video call link. According to Drew, fraudsters have already stolen $300,000 worth of crypto using this method.

How the Scam Works

According to NFT_Dreww.eth, the methods of scammers are similar to well-established tricks. They start by contacting potential victims, who are usually whale investors or NFT collectors, by asking a series of persuasive questions such as whether they want to be an angel investor or join their team.

You will then be invited to a Zoom meeting or for a partnership opportunity. However, they provide a malicious link that looks like an actual Zoom meeting.

Once the target clicks on the link, they are taken to a page that looks like Zoom and gets stuck in an endless loading cycle. The page instructs the user to download and install a “ZoomInstallerFull.exe” file. This file is malicious software.

During the download period, the software looks very real, as users even sign the terms of use, enabling the harmful system to install on the device unnoticed.

Then, the software adds itself to Windows Defender’s exclusion list so that antivirus software cannot find it. It starts stealing the victim’s information and redirects them back to the main Zoom page, making victims believe everything worked fine.

According to the cybersecurity expert, behind the attack are fraudsters who constantly change the domain names used to host the malicious website, making them more difficult to track or block.

Protect Your Investments

Given the increasing trend of scams, users are advised to be very cautious when clicking any link, even if it appears to be from a trusted source. Investors and NFT owners should pay attention to unexpected messages, especially those regarding investment opportunities or cooperation requests.

Best Practices for Online Security

  • Always verify the URL before clicking links, especially those that seem to originate from well-known platforms.
  • Enable two-factor authentication on all accounts that support it, adding an extra layer of security.
  • Consider using a password manager to create and store strong, unique passwords.
  • Regularly update software and operating systems to protect against vulnerabilities.
  • Educate yourself on common scams and malware practices to stay informed.

Real-life Case Studies

Many individuals have fallen victim to similar scams. Here are a few notable examples:

Victim Loss Amount Method Used
Crypto Whale 1 $120,000 Fake Zoom Meeting Link
NFT Collector 2 $50,000 Malicious software disguised as Zoom update
Investor 3 $30,000 Phishing email with Zoom links

First-hand Experience

One victim, who prefers to remain anonymous, shared their experience: “I thought I was joining a legitimate investment meeting. The link looked so real, and they even had a professional presentation. I couldn’t believe it when I started to notice strange activities on my accounts. It was too late by then.”

How to Recognize Phishing Attempts

Recognizing phishing attempts can save you from significant financial loss. Here are some warning signs to watch out for:

  • Urgency: Scammers often use pressure tactics, urging you to act quickly.
  • Generic Greetings: Emails or messages that do not address you by name can be suspicious.
  • Suspicious Links: Always hover over links before clicking to see the actual URL.
  • Poor Grammar: Many scam messages contain spelling and grammatical errors.

What to Do if You’ve Been Scammed

If you find yourself a victim of this scam, here are steps you can take:

  1. Immediately disconnect your device from the internet.
  2. Change your passwords on any accounts you believe may have been compromised.
  3. Contact your cryptocurrency exchange or wallet provider for potential recovery options.
  4. Report the scam to your local law enforcement and relevant online authorities.
  5. Consider seeking help from cybersecurity professionals to secure your devices.

Resources for Further Learning

To protect yourself, consider exploring the following resources:

Being informed and vigilant is your best defense against scams. Stay alert and secure your valuable investments!

Leave a Replay