cancel
Showing results for 
Search instead for 
Did you mean: 

Disable links in incoming SMS messages

Gus_Lippolis
Contributor I
Contributor I

From a security standpoint, we are looking for a method to disable or at least create a speed bump to users clicking on links in smishing attempts. 

 

Security software addresses this in emails but ZOOM SMS appears to be an open vector.

 

Thanks in advance for any assistance. 

2 REPLIES 2

TXUserOfZoom
Newcomer
Newcomer

+1 on this request, we're north of 6,000 users on Zoom Phone, going to be double that by the end of the year - and SMS texts are treated as a feature and not a bug... and we'd like to keep it that way but we really need a way to prevent an inbound SMS from displaying a clickable link for our users, regardless of the platform they are on (PC, Chromebooks, iOS or Android). 

Having multiple options would be beneficial, such as disable/redact the link, obfuscate it (text but adding like [.] before the TLD), or even the ability to rewrite it with a custom URL that we can have it load in a sandbox or give a rendered preview of the link instead.

TXUserOfZoom
Newcomer
Newcomer

We also need the ability to disable or obfuscate incoming SMS hyperlinks.

We're north of 6000 users using Zoom Phone as their company line, about double that by the end of the year, and we've already had malicious phishing links sent through this attack vector. We're relying on our endpoint defenses, but our use case really has no need for a link to come via SMS except in limited cases.

We'd like a way for our Zoom admins to set: remove the link altogether as our CRM does (it just gives <link removed>), obfuscate the link (for instance add [.] before the TLD, like zoom[.]us), and allow a custom link to be generated where we can hook into a sandbox of our choice and give the user either a sandboxed page, or a rendered picture of what the link would have looked like.

Sorry if this got posted twice.