Covid-19 brings Zoom phishing scams to the fore

Leading security app provider PSafe estimates that so far this year there have been in excess of 47 million unique phishing scams. A number of these have been targeted at the collaborative software platforms that have seen huge increases in use since the mass move to remote/home working in response to the pandemic. One such platform is Zoom.
Zoom’s user-base has rocketed in the past year from around ten million to over 200 million. This has brought out the scammers en masse, especially those using phishing.

What to look out for

There are three common emails that Zoom scammers are using:
The first email has the subject line “Missed Zoom Meeting,” and tells you that you have missed a scheduled meeting. The email includes a link that says “Check your missed conference”. Clicking on this will take you to a bogus Zoom website where you will be asked to enter your details. These are then harvested by the scammers.
The second email has “Zoom Account” as the subject and includes a welcome message for users who have recently set-up new accounts. This email displays a link that says something like “Activate your Zoom account”. Clicking on this takes you to a fake Zoom website where you have to login and your credentials are subsequently stolen.
The third email targets manufacturing, IT, construction, energy, marketing, technology, and other firms with malware. The email subject line is usually something along the lines of “Meeting cancelled – Could we do a Zoom call?” and the malware downloads and activates when the recipient clicks on any of the links within the email. This can then give hackers access to computer files, personal information, or even the entire network.

How to protect yourself

Remaining vigilant and following best practice in terms of cyber-hygiene will help reduce the risk of an attack penetrating your system.
– Don’t click on links in, or download attachments from, any email that is from an unknown sender. Always check the sender’s details by fully viewing the ‘From’ address line and do not open anything if the email address looks dubious.
– If there are links in the email, hover over them with your mouse to view the embedded URL. If the URL seems odd or unfamiliar do not click on it.
– Be cautious about opening emails from senders who are not in your safe contacts list, or from people you do not recognise. If you are unsure, take time to verify the person with a basic background check, then contact them using an alternative method to ask if they have sent you an email. Don’t forward or reply to the email itself until you have verified the alleged sender.
– Make sure that you run updates as soon as they become available for all programs on your devices, and for your operating system. These updates often include security patches to fix vulnerabilities that have just been identified.
– Use complex and unique passwords for each account that you have and never use the same password/username combination twice. Using a password manager can make things easier as they can auto-generate robust passwords and remember them for you.
– Make sure any domain you visit is the genuine one. For example, the only official domains for Zoom are zoom.us and zoom.com. Check for spoofed domains that are similar but not quite right, such as zooom.us or zoum.us.

The risks

If hackers get hold of your Zoom or any other account credentials, they may also be able to unlock other accounts. This is especially the case if you have used the same username/password combination on other platforms (which is never a good idea!). If they manage to get into your company’s network using your Zoom account details, they can potentially access sensitive documents as well as plant malware that could affect the entire company.

Given the amount of security issues Zoom has had since its growth in popularity, it is not recommended to use the software in a business environment especially if sharing sensitive information. Additionally, if the business is already using Microsoft Office it is likely the licenses in use will include Teams. This is Microsoft’s alternative to Zoom which has the same functionality and arguably is far more secure in a B2B environment.

If your business hasn’t yet explored the full potential of the Microsoft products and licenses available then give Cloudworks a call. We are specialists in cloud technologies, cyber-security and support. In addition, we continuously monitor our clients IT cloud infrastructure to ensure they are secure and protected against the latest threats. Give us a call to find out more and we will find the best strategy and solution to fit your business.

Call us on 0115 824 8244 or email info@cloudworks.co.uk