IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

WebEx phishing scam spoofs Cisco to target remote workers

PDC expects phishing emails to continue to plague remote workers over the next few months

Cisco Webex logo under a magnifying glass

The Cofense Phishing Defense Center (PDC) has discovered a new phishing campaign that targets employees working from home during the coronavirus pandemic.

PDC claims that hackers are attempting to harvest Cisco WebEx credentials using a security warning for the application and have successfully averted Cisco’s own Secure Email Gateway.

In a blog post detailing the attacks, PDC’s Ashley Tran explained that hackers send “an email with varying subject lines such as “Critical Update” or “Alert!” from the spoofed address “meetings[@]webex[.]com”. Tran said that these are able to “gauge users’ curiosity enough to entice them to click in order to take the requested action”.

“The phishing page to which users are redirected is identical to the legitimate Cisco WebEx login page; visually there is no difference,” she warned. “Behavior-wise, there is a deviation between the real site and the fraudulent page.

"When email addresses are typed into the real Cisco page, the entries are checked to verify if there are associated accounts. With this phishing page, however, any email formatted entry takes the recipient to the next page where they then requested to enter their password.”

PDC predicts that phishing emails will continue to plague remote workers in the next few months. Last month, it discovered that cyber criminals were posing as UK mobile network operator Three as part of another sophisticated phishing campaign designed to extract the financial details of its customers. 

Last week, the US Cybersecurity and Infrastructure Agency’s assistant director for cybersecurity, Bryan Ware, advised the public to “remain vigilant”, be wary of “suspicious emails”, and to seek information only from trusted sources.

“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business," he said.

Hackers have also posed as Gov.uk and the US Centers for Disease Control and Prevention (CDC) to spread phishing emails, while the World Health Organisation (WHO) and hospitals have also recently had their computer systems compromised by cyber criminals.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021

Most Popular

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Open source giant Red Hat joins HPE GreenLake ecosystem
automation

Open source giant Red Hat joins HPE GreenLake ecosystem

28 Jun 2022
Carnival hit with $5 million fine over cyber security violations
cyber security

Carnival hit with $5 million fine over cyber security violations

27 Jun 2022