As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake domains and malicious executable files in an attempt to trick people into downloading malware on their devices.
According to a report published by Check Point, over 1,700 new “Zoom” domains have been registered since the onset of the pandemic.
“The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure, and exploit. Each time you get a Zoom link or document messaged or forwarded to you, I’d take an extra look to make sure it’s not a trap.” said Omer Dembinsky, Manager of Cyber Research at Check Point.
But Zoom is not the only app to be targeted by cybercriminals. With schools turning to online learning platforms to keep students occupied, Check Point researchers said they also discovered phishing sites masquerading as the legitimate Google Classroom (e.g., googloclassroom\.com and googieclassroom\.com) website to trick unwitting users into downloading malware.
Zoom Fixes Privacy Issue in Its iOS App
Zoom, for its part, has had its share of privacy and security issues too. Last year, the video conferencing app fixed a vulnerability that could let websites hijack users’ webcam and “forcibly” join them to a Zoom call without their permission.
Then earlier this January, the company squashed another bug that could have allowed attackers to guess a meeting ID and join an unprotected meeting, potentially exposing private audio, video, and documents shared throughout the session. Following the disclosure, Zoom introduced default passwords for each meeting that participants need to enter when joining by manually entering the meeting ID.
Cyberattacks result in many bad things, including data deletion, data theft, data ransom and downtime that can be costly. Now, with vishing and phishing on the rise, your personal data is at risk, too. Cybercrime damage costs are projected to reach $6 trillion annually by 2021. It is imperative that everyone is educated about these risks to lower the chance of these attacks from happening in the first place. Want to know how to stay protected? Reach out to the cybersecurity experts on our Managed IT team for the solutions you need to put your mind at ease: visit us at Novatech.net