Security Alert | Spam Emails Containing Suspicious Links From GoToWebinar Trial Account Users - GotoMeeting

iStock-1068838170

As the world continues to adjust to the “new normal” and increasingly work remotely, there has been a generally observed increase of cyberattacks. As part of our commitment to security, we want to make sure our users and the public are aware of recent reports of suspicious emails being sent that falsely portray GoToWebinar Customer Care emails.

These e-mails are being sent by a bad actor abusing GoToWebinar free trial accounts, from the ‘customercare@gotowebinar.com’ email alias, with varying names associated to the trial user’s sign-up information, and using subject lines such as “Game”, “New Games”, or “Interesting Games.” Reports indicate that these e-mails generally ask recipients to click on a suspicious link intended to drive them to a webpage with inappropriate content and a registration form.

Please take note, while the customercare@gotowebinar.com e-mail alias is legitimate, this email did NOT come directly from someone at GoToWebinar or LogMeIn but through a trial account. This trial account user is abusing the ability to customize a GoToWebinar email invitation (e.g., an email sent when someone is inviting people to attend their own webinar). You will never receive an email from us with inappropriate content.

We have temporarily suspended the GoToWebinar online trial process in order to swiftly remediate this issue and mitigate any potential risk of harm.

If you received an email that meets the criteria mentioned above and clicked on a such a link, as a precaution, we recommend that you change the passwords for your most important accounts (email, banking, etc.) and enable two- or multi- factor authentication, wherever possible.

While we are diligently working to shut down the suspicious trial accounts sending these fraudulent emails, we are additionally asking you to stay vigilant and be aware of the tell-tale signs of phishing attacks and online security best practices to help keep your information secure.

  • Beware of phishing attacks. Do not click on links from people you don’t know, or that seem out of character from your trusted contacts and companies.
  • Never reuse passwords on multiple accounts. Use a different, unique password for every online account.
  • Turn on two-factor authentication where applicable, especially for services like your bank, email, Twitter, Facebook, etc.
  • Run antivirus, end-point protection, and/or anti-malware protection software, as well as regularly update your software and anti-virus signatures.

Looking Ahead
Businesses around the globe rely on GoToWebinar to create captivating virtual events for hundreds or even thousands of attendees. In addition to measures already in place intended to protect our users, our team is in the process of further strengthening GoToWebinar trials against fraudulent usage by evaluating additional user-facing and back-end tools, technology, and process in order to prevent or reduce the likelihood of such similar suspicious or fraudulent behavior in the future.

As always, if you receive a suspicious email that looks like it came from LogMeIn, please report it to security@logmein.com.