With everyone working remotely tricking people over WebEx, Zoom, etc. into giving up credentials is now becoming more common. Now is the time for the security people to step up and start training others on how to spot fakes.

The scheme comes in two variations. Variation 1 has the hacker get on a video conference with the victim and pretend to help them with an issue while capturing their credentials. Variation 2 has the hacker get on a video conference with the help desk, often posing as a new employee, asking for help with issue and capturing credentials.

The credentials are captured either using a fake web page, fake VPN log in box, or another fake log in box (e.g. email) that simulates the company’s actual infrastructure so that hackers can then exploit the newly acquired credentials.