Researchers have published their analysis of a recent Zoom-themed phishing campaign. Zoom themes have been widely used in phishing campaigns since use of the software increased during the pandemic. The body of the phishing email claims the recipient’s Zoom account has been suspended and requires verification. What sets this campaign apart from other Zoom phishing campaigns is its use of the legitimate Constant Contact mailer to bypass email defenses. It appears a Constant Contact user’s account was compromised and subsequently used by the attackers to send the phishing emails. If a user clicks the link in the email, they are redirected through a series of URLs, beginning with a Constant Contact referrer URL. The final landing page is a copy of the Microsoft Outlook login page. Any credentials entered there are exfiltrated to the attacker.
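Because the mail comes from a legitimate mailer, sender reputation says little here; the brand mismatch along the link chain is the more useful signal. The following is an added example, not code from the researchers' analysis: a triage check over a message subject, an already-resolved redirect chain and the landing page title. The brand domain lists, the redirector host `click.mailer.example` and both samples are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumed brand -> legitimate domains (illustrative, not exhaustive).
BRAND_DOMAINS = {
    "zoom": {"zoom.us", "zoom.com"},
    "outlook": {"outlook.com", "live.com", "office.com", "microsoft.com"},
}
# Placeholder for the bulk-mailer click-tracking hosts seen in your own mail flow.
MAILER_REDIRECTORS = {"click.mailer.example"}

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def on_domains(host, domains):
    # Exact host or true subdomain only, so "zoom.us.evil.example" does not match.
    return any(host == d or host.endswith("." + d) for d in domains)

def brands_in(text):
    return {b for b in BRAND_DOMAINS if b in text.lower()}

def assess(subject, chain, landing_title):
    """Return findings for one message and its already-resolved redirect chain."""
    if not chain:
        return []
    findings = []
    final = host_of(chain[-1])
    lure, page = brands_in(subject), brands_in(landing_title)
    if on_domains(host_of(chain[0]), MAILER_REDIRECTORS):
        findings.append("link starts at a bulk-mailer redirector")
    for b in sorted(lure):
        if not on_domains(final, BRAND_DOMAINS[b]):
            findings.append(f"lure names {b} but link ends on {final}")
    for b in sorted(page):
        if not on_domains(final, BRAND_DOMAINS[b]):
            findings.append(f"landing page imitates {b} on {final}")
    if lure and page and not (lure & page):
        findings.append("lure brand differs from landing-page brand")
    return findings

# Constructed samples (not taken from the campaign).
PHISH = ("Your Zoom account has been suspended",
         ["https://click.mailer.example/t?id=1", "https://hop.example/r",
          "https://login-check.example/owa/"],
         "Outlook - Sign in")
NEWSLETTER = ("Join our Zoom webinar",
              ["https://click.mailer.example/t?id=2", "https://zoom.us/webinar/register/1"],
              "Zoom Webinar Registration")

if __name__ == "__main__":
    for name, sample in (("phish", PHISH), ("newsletter", NEWSLETTER)):
        print(name, assess(*sample))
```

The newsletter sample also starts at the mailer's redirector, which is why that finding alone is not treated as conclusive.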