{"id":808,"date":"2026-06-08T13:45:22","date_gmt":"2026-06-08T18:45:22","guid":{"rendered":"https:\/\/www.wisconsin.edu\/information-security\/?p=808"},"modified":"2026-06-10T11:38:14","modified_gmt":"2026-06-10T16:38:14","slug":"zoom-invitation-phishing-is-this-really-a-zoom-webinar","status":"publish","type":"post","link":"https:\/\/www.wisconsin.edu\/information-security\/2026\/06\/08\/zoom-invitation-phishing-is-this-really-a-zoom-webinar\/","title":{"rendered":"Think Before You Click: Unexpected Zoom Meeting Invitations"},"content":{"rendered":"\n<p>Zoom has become part of our daily routine for meetings, webinars, training, and quick check-ins. Because it is a tool we know and trust, most of us open a Zoom invitation without a second thought.<\/p>\n\n\n\n<p>That habit is exactly what some bad actors are hoping for.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What Is Happening<\/h3>\n\n\n\n<p>Spammers and scammers have learned to slip past our email protection by sending their messages through Zoom itself. Because the invitations come from real Zoom addresses, they look legitimate to the filters that catch most junk mail. Some are nothing more than pushy marketing. Others are phishing attempts designed to steal your sign-in details, install malicious software, or pressure you into handing over sensitive information.<\/p>\n\n\n\n<p>The important takeaway is this: an invitation can arrive from a genuine Zoom address and still be unwanted or dangerous.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Warning Signs<\/h3>\n\n\n\n<p>Treat a Zoom invitation with extra care when it:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Arrives for a meeting, webinar, or event you never signed up for.<\/li>\n\n\n\n<li>Pushes you to act immediately or warns of a consequence if you do not.<\/li>\n\n\n\n<li>Comes from a person or organization you do not recognize.<\/li>\n\n\n\n<li>Includes an attachment or asks you to download or install something.<\/li>\n\n\n\n<li>Wants you to sign in when no meeting was on your radar.<\/li>\n\n\n\n<li>Leans on attention-grabbing topics like leadership, HR, or payroll.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Before You Join<\/h3>\n\n\n\n<p>A quick pause is usually all it takes to stay safe:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Make sure you actually know who set up the meeting.<\/li>\n\n\n\n<li>Ask yourself whether you were expecting this invitation at all.<\/li>\n\n\n\n<li>Hover over any link to see where it really leads before clicking.<\/li>\n\n\n\n<li>Skip any attachment or download you were not anticipating.<\/li>\n\n\n\n<li>If something feels off, do not click. Report it instead.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Recommended Settings in Microsoft 365 (Outlook)<\/h3>\n\n\n\n<p>A few adjustments in Outlook can keep these invitations from reaching your calendar in the first place:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Never click \u201cAccept,\u201d \u201cDecline,\u201d or \u201cTentative\u201d on a meeting identified as spam or from an unknown individual. Instead, delete the message so it goes to your mailbox trash folder.\n<ul class=\"wp-block-list\">\n<li>Safe deletion: If an invite already hit your calendar, delete the spam email that triggered it from your Junk folder; the calendar entry will often disappear with it.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Stop automatically adding events from email: In Outlook, go to Settings (gear icon) &gt; Calendar &gt; Events and invitations.\n<ul class=\"wp-block-list\">\n<li>Review options such as automatic processing of invitations and whether invitations are deleted from the Inbox after responding.<\/li>\n\n\n\n<li>For spam control, keep invites visible in mail (so they can be treated as junk) and avoid auto-accepting or auto-processing invites from unknown senders.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Clear your junk folder and verify blocked and safe lists:\n<ul class=\"wp-block-list\">\n<li>Periodically empty the Junk Email folder so old spam invites, and their calendar items, are removed.<\/li>\n\n\n\n<li>Re-check blocked senders and domains, along with safe senders and domains, to ensure no spam domain has been accidentally added as safe.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to Report It<\/h3>\n\n\n\n<p>Reporting these messages helps protect everyone, not just you.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You can also flag bad actors directly to Zoom through its Trust and Safety form at <a href=\"https:\/\/zoom.us\/trust-form\">https:\/\/zoom.us\/trust-form<\/a>. Choose \u201cReport Abusive Behavior or Content,\u201d add the meeting and sender details, and submit. Then delete the original if it is still in your inbox.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When in Doubt<\/h3>\n\n\n\n<p>If you cannot tell whether a Zoom invitation is real, the safest move is to stop and check. A quick message to the supposed organizer, or a note to your campus help desk, can settle it in moments and head off a real problem.<\/p>\n\n\n\n<p>You can reach your campus help desk here: <a href=\"https:\/\/kb.wisc.edu\/helpdesk\/5427\">Universities of Wisconsin (UW System) \u2013 IT Help Desks Contact Information<\/a><\/p>\n\n\n\n<p>The safest invitation is the one you know you were expecting.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zoom has become part of our daily routine for meetings, webinars, training, and quick check-ins. Because it is a tool we know and trust, most of us open a Zoom [&hellip;]<\/p>\n","protected":false},"author":6587,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31,33,21,27,38,1],"tags":[],"class_list":["post-808","post","type-post","status-publish","format-standard","hentry","category-emerging-threats","category-faculty-staff-awareness","category-phishing","category-scam-awareness","category-threat-spotlight","category-uncategorized"],"publishpress_future_action":{"enabled":false,"date":"2026-06-23 00:43:58","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/posts\/808","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/users\/6587"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/comments?post=808"}],"version-history":[{"count":9,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/posts\/808\/revisions"}],"predecessor-version":[{"id":830,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/posts\/808\/revisions\/830"}],"wp:attachment":[{"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/media?parent=808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/categories?post=808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wisconsin.edu\/information-security\/wp-json\/wp\/v2\/tags?post=808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}