Cyber Criminals Are Trying To Exploit Zoom's Popularity To Promote Their Phishing Scams
Cyber criminals are trying to trick Zoom users as the video-conferencing platform surges in popularity as a result of the coronavirus pandemic forcing people to work – and socialise – remotely.
March saw the number of daily Zoom meeting participants reach over 200 million, compared to 10 million in December, as people turn to the platform as a means of helping to adjust to life during the COVID-19 outbreak. In many cases, it's being used by people who are working remotely for the first time.
But Zoom's sudden growth in popularity hasn't gone unnoticed and cyber criminals are increasingly targeting users of the platform.
According to data from cybersecurity company BrandShield, the number of domains containing the world 'Zoom' hugely increased during March, with hundreds appearing every day by the end of the month. As many as 2,200 new 'Zoom' domains were registered in March alone, taking the total to over 3,300.
SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)
Researchers note that almost a third of these new websites are attached to an email server, which points towards the possibility that they're being used in phishing attacks to harvest login credentials from unwary users.
With remote workers expecting to be sent invites to Zoom conference calls, it's providing opportunities for attackers to send phishing emails containing links to phoney login pages that aim to steal the usernames and passwords entered – something that attackers could exploit to gain access to corporate accounts and to conduct further attacks.
"With global businesses big and small becoming increasingly reliant on video-conferencing facilities like Zoom, sadly, cybercriminals are trying to capitalise," said Yoav Kren, CEO of BrandShield.
"Businesses need to educate their employees quickly about the risks they might face, and what to look out for. The cost of successful phishing attacks is bad for a company's balance sheet in the best of times, but at the moment it could be fatal."
SEE: Coronavirus: Business and technology in a pandemic
Coronavirus has become a key lure used in cyberattacks; not only are attackers using fake domains, but the subject has become highly common in phishing attacks. Messages claiming to be from healthcare professionals, logistics providers and others are being used in efforts to steal financial information, install malware and to commit other cyberattacks.
The UK's National Cyber Security Centre (NCSC) has previously warned that, as the coronavirus outbreak intensifies, the volume of attacks looking to exploit it will increase and has offered advice on how to spot and deal with suspicious emails.
MORE ON CYBERSECURITY
- Windows 10 alert: Zoom client can leak your network login credentials
- Zoom boss says it'll freeze feature updates to address security issues CNET
- Zoom fixes security flaw that could have let hackers join video conference calls
- FBI warns about Zoom bombing as hijackers take over school and business video conferences TechRepublic
- How to prevent your Zoom meetings being Zoom-bombed (gate-crashed) by trolls
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more