Look mom HR application, look mom no job – phishing using Zoom docs to harvest Gmail creds

News
Yanac

Hey all, I found a phishing campaign that uses Zoom’s document share flow as the initial trust vector. It forces victims through a fake “bot protection” gate, then shows a Gmail-like login. When someone types credentials, they are pushed out to the attacker over a WebSocket and the backend validates them. submitted by /u/unknownhad [link] [comments]Technical Information Security Content & DiscussionRead More