Scammers using fake versions of Zoom’s site and software files to trick public into downloading malware

Growing alongside Zoom’s popularity are cyber scams that lure users to fake domains with similar names. — Reuters

With the increasing popularity of video conferencing platform Zoom, cybercriminals are trying to waylay the public using fake domains which sound similar.

The Hacker News reported on findings by cybersecurity film Check Point that over 1,700 new Zoom domains were registered since the start of the Covid-19 pandemic, with nearly 25% registered in the last week of March.

Check Point cyber research manager Omer Dembinsky said the staggering increase showed hackers see an opportunity to exploit the public by directing them to fake versions of the Zoom website, or sending them malicious executable files which appear to be Zoom software, to trick them into downloading malware.

“Each time you get a Zoom link or document messaged or forwarded to you, I'd take an extra look to make sure it's not a trap," he warned.

The firm found that Zoom was not the only platform to be targeted by cybercriminals, with phishing sites found to be masquerading as Google Classroom used to trick students.

Dembinsky noted that Zoom itself has had several security and privacy vulnerabilities, though the company has worked to resolve them. He advised users to always keep their Zoom app up-to-date to avoid such issues.

Another cybersecurity firm, Sophos has also found similar issues with fake Zoom domains, confirming that at least 70 of the domains were being used maliciously, often as phishing websites.

Sophos senior security advisor John Shier said cyber criminals have always taken advantage of topical issues like global events to trick the public.

“Many people are feeling scared and anxious at the uncertainty of our collective situation and are probably distracted. This is fertile ground for cybercriminals to use this distraction to their advantage,” he said, in a press release.

He advised the public to slow down and evaluate emails and websites carefully to ensure they don’t fall victim to these crimes of opportunity.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

Google to build its first cloud region in Greece
Tech IPO market faces worst year since global financial crisis
Tesla’s AI Day offers a glimpse of just how sentient its bots have become
Metaverse: Now the perfume industry is getting in on the game
Trump nearly tweet-fired daughter Ivanka, Kushner from White House
Gamers to bid farewell to FIFA franchise after 30 years
China tests central bank digital currency use to settle trades via ‘bridge’ with partners including Hong Kong, Thailand and UAE
AI guru is helping retool popular Japanese snacks like Pocky
SG uni student took upskirt video of woman in toilet and then waited to apologise to her

Others Also Read