Scammers Have Reached Healers Too
How the "bank security department" now scams guides, psychologists and helping practitioners
Preface: You've probably heard stories about how "bank security officers" scam pensioners: under the pretext of a "hacked account," they trick them into giving away SMS codes and steal all their savings. Well, this scheme has reached our field too — healers, psychologists, helping practitioners. I'm sharing a fresh story from personal experience so you don't step on the same rake.
How It All Started
The other day someone messaged me on Telegram. He introduced himself as a business owner — a veterinary clinic. His story sounded perfectly plausible.
He said: we have many sensitive staff members. There are tough situations when animals don't make it, and the team takes it too personally. People burn out and quit. We need a specialist who would regularly work with them and help them process these states so the team doesn't lose its drive.
Sounds like a normal corporate request. I thought: "Interesting, let's discuss the details." We set up a separate Telegram channel where they "pulled in all the managers," and agreed on a Zoom call.
Where the Trap Was Set
They created the conference and sent the link. And this is where it gets interesting.
The link didn't lead to zoom.us, as it should have, but to a site with the address uz05webzoom.info.
Visually the page was identical to the real Zoom: same fonts, same colors, same "Sign in with Google" button. If you don't look closely at the address bar — there's no way to tell them apart.
P.S. As of writing, the site is already offline — the scammers turn it on exactly at the moment they need to "process the mark" and shut it down right after. That way it's harder to track them.
What Caught My Eye
A CAPTCHA
The first thing that caught my eye — a captcha with an image popped up. For a giant like Zoom that's very strange: I've never once seen Zoom ask for letters from an image before logging in.
A Suspicious Domain
The address uz05webzoom.info instead of zoom.us. They just neatly inserted the word "zoom" — and on autopilot the user doesn't notice.
"Sign in with Google"
Next — a standard sign-in page offering Google login. The user, not suspecting anything, enters their Gmail credentials, clicks "sign in," nothing happens — and they leave annoyed at the "buggy Zoom."
What Happens Next
The Hijack Chain
1. The entered data flies straight to the scammers.
2. Within minutes they log into your Google account.
3. Your email gets hijacked, and with it — everything tied to it: Telegram, banks, social media, work services, access to paid courses and training.
For a healer, psychologist or helping practitioner this hurts especially badly: along with the inbox goes your client base, correspondence and the trust of people that you've built up over years.
Why We Are a Tasty Target
Helping practitioners are usually open to people: we are used to responding to others' pain, believing in good intentions and helping on request. Scammers use this:
- they come with a "human" story — about burnout, loss, difficult staff;
- they play on a sense of importance — "we really need you, no one else can handle this";
- they create the appearance of a serious company — a separate channel, "managers," a corporate request;
- they rush you into a call — "let's hurry, everything is on fire here."
Life Hacks: How Not to Get Caught
1. Always read the address bar
The real Zoom only lives on zoom.us and zoom.com. Anything with "zoom" in the middle or prefixed with web, uz, online — fake. Same goes for Google, banks and any service: look at the domain, not the prettiness of the page.
2. Zoom doesn't ask for your Google login before a call
To join a conference via a link, you don't need to sign in with Google anywhere. You just open the link in a browser or the app. If they ask for your email password — close the tab.
3. A captcha on Zoom is a red flag
Major services don't show a captcha before entering a regular conference. If you're asked to "enter the letters from the image to get to the call" — it's phishing.
4. Turn on two-factor (2FA) everywhere
Even if your password leaks, without the second factor (app code, push, security key) they won't get into your account. It's free insurance against 95% of such stories. Especially critical for Gmail, Telegram, banks and social networks.
5. Join calls through the app, not via a link
Get only the meeting ID and passcode from the client, open the desktop Zoom and enter them manually. That way a phishing link can't hurt you — you simply don't open it.
6. Don't rush under pressure
"Hurry, they're already waiting," "everything is on fire," "before end of day" — these are classic manipulation moves. Take a 5-minute pause. That's enough to look at the link soberly, check the domain and make sure you're not being scammed.
7. Check who you're talking to
A "clinic owner" is a specific person. Google the clinic's name, check the website, reviews, the director's page. If there's nothing or the name looks strange — that's already a reason to pause.
8. If you already entered the password — act fast
Urgently change your Google password, sign out of all active sessions (in security settings), enable 2FA, check "email forwarding" and "filtering rules" in Gmail — scammers often set up silent forwarding to keep access longer.
The Bottom Line
Colleagues — healers, psychologists, tarot readers, guides, helping practitioners — stay alert. Scammers have reached us too. The softer and more open we are by nature, the more interesting we are to them.
If You Are a Guide or Healer — Join ERRA.CLUB
ERRA.CLUB
It's exactly because of stories like this that we are building erra.club — a closed ecosystem for guides, healers, psychologists and helping practitioners.
It's a place where you can work peacefully, communicate with clients and colleagues, without looking over your shoulder at scammers and hacks.
Registration is free — come in, settle down and work safely.
Article tags
Ready to start the healing journey?
Book a consultation and get professional help
Book an appointment
