Cisco Webex Meeting icon

Watch for a Webex phishing attempt

The Cybersecurity Operations Center at UW–Madison is aware of an active phishing campaign targeting Webex users. While UW–Madison is not currently a target (under 10 phishing emails received), please be vigilant if you receive emails stating your Webex software is out of date. Cisco will NOT contact users via email that their Webex software requires an update. 

How can I identify this phishing attempt?
The phishing email attempts to trick you into believing your Webex version is vulnerable and an update is required.

  • The email is sent from a spoofed address imitating Cisco. 
  • The message states: “To fix this error, we recommend that you update the version of Cisco Meetings Desktop App for Windows” and points you to a “Join” button to learn more about the “update.” 
  • Instead of an update, the “Join” button takes you to a site that attempts to steal your Webex credentials by imitating a legitimate Cisco login site. 

What should I do if I receive this phishing attempt?
Use the option in Outlook to “Report a Phish” and it will be deleted from your inbox.

What should I do if I accidentally clicked the “join” button?
Immediately change your NetID password by following the instructions in NetID: Changing a Password (Source: KB-20589)

How can I learn how to recognize other phishing attempts?
Go to Learn how to recognize and report phishing (Source: it.wisc.edu)

This particular Webex phishing attempt demonstrates how complex and realistic phishing has become. For more information on this threat read the article, Cisco “Critical Update’ Phishing Attack Steals Webex Credentials (Source: threatpost.com)

If you have questions, please contact the DoIT Help Desk.