Keep Your Staff Alert: New Zoom and Teams Themed Phishing Scams Aim to Steal Login Credentials
Zoom-related phishing attacks have increased at an alarming rate since the onset of COVID-19. As most organizations are increasingly becoming dependent on video conferencing platforms to sustain remote working, we can only expect a surge in Teams and Zoom-themed phishing attacks.
As of late last year, Zoom hosted just about 10 million users. Fast forward to today, the video conferencing platform hosts over 200 million users and still counting. The Coronavirus pandemic forced people to stay at home, hence a sharp spike in demand for collaboration tools that enable colleagues to stay connected miles apart.
And as with almost all global events, cybercriminals have moved in fast and devised new ways to exploit the increased dependence on video conferencing platforms. They are keen to use Zoom and Teams to lure users into giving up logins or clicking malicious links to download malware.
How Do Hackers Impersonate Zoom and Trick Unsuspecting Users?
According to recent Check Point Research findings, bad cyber actors registered over 2,449 new Zoom-like domains between late April and early May this year. The report flagged 32 of these domains as outright malicious, and 320 as relatively “suspicious.”
Here are some of the common Zoom-themed phishing campaigns you should be on the lookout for:
- Unsolicited text, email, or social media messages asking you to activate or reactivate your Zoom account: A common one is ‘Your Zoom account has been suspended. Click here to reactivate.’ Usually, the attackers will try their best to make their messages look legit, e.g., using the Zoom logo or similar domain names.
- Emails claiming you missed a Zoom meeting: Another widespread trick is an email informing you that you missed a Zoom meeting and directing you to click a link to “Check your missed conference.” Clicking such a link redirects you to a fake website that requires you to key in your login credentials. All along, the hacker will be in the background mining these details.
- “Meeting Canceled” messages: Finally, you may receive a message that goes, “Meeting Canceled — Can we do a Zoom call.” Receiving the call will grant the hacker entry into your systems and give them access to your files, data, and login credentials.
There are several other tricks, but the above three are the most common.
How Can You Stay Safe From Zoom and Teams Themed Phishing Attacks?
- Deploy and Regularly Update Modern Email Spam Filters: This will help alert you whenever you receive emails from unknown sources. Some spam filters will automatically analyze email contents and block those that link to previously identified threat sites. This will help you keep malicious emails out of your inbox. Even if they manage to bypass your gateways, do not open or share suspicious emails with others until you are sure they’re from trusted sources.
- Do Not Click Embedded Links/Images or Open Files from Unknown Senders: This applies whether they are sent by email, social media messages, or texts. If you’re unsure who the sender is, hover the mouse over the email address or the attached link to see the sender’s details.
- Use Strong and Unique Passwords for Each Online Account: This ensures that even if hackers steal your Zoom credentials, all your other accounts will still be safe. If you must use similar logins, then at least back them up with robust MFA protection.
- Regularly Update and Patch Your Software and Operating System: New updates always come with extra security features.
- Be on the Lookout for Spoofed Domains: The only official Zoom domains are zoom.com and zoom.us.
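The spoofed-domain check above can be automated for links pulled from a message. The following is an added example, not code from the original article: the function names and the sample links are assumptions made for illustration, and the lookalike test is a simple heuristic rather than a complete detector.

```python
from urllib.parse import urlsplit

# Official Zoom domains as listed in the article; every other host is untrusted.
OFFICIAL_ZOOM_DOMAINS = ("zoom.com", "zoom.us")
BRAND = "zoom"


def classify_link(url: str) -> str:
    """Return 'official', 'lookalike', 'unrelated' or 'malformed' for one link."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit parse scheme-less links like zoom.us/j/1
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "malformed"
    if not host:
        return "malformed"
    # Official only when the host IS an official domain or a subdomain of one.
    # Matching on "." + domain stops a host such as "fakezoom.us" from passing.
    for domain in OFFICIAL_ZOOM_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "official"
    # Heuristic: the brand name anywhere in the authority part (including the
    # "user@" prefix) of a non-official link, with the digit 0 read as "o".
    if BRAND in parts.netloc.lower().replace("0", "o"):
        return "lookalike"
    return "unrelated"


def find_lookalikes(links):
    """Return the links that use the Zoom name but are not on an official domain."""
    return [link for link in links if classify_link(link) == "lookalike"]


# Constructed sample links (hypothetical hosts under the reserved .example TLD).
SAMPLE_LINKS = [
    "https://us02web.zoom.us/j/123456789",
    "https://zoom.us.account-reactivate.example/login",
    "https://zoom.us@meeting-portal.example/",
    "https://zo0m-support.example/missed",
    "https://intranet.example/wiki",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link):10} {link}")
```

The check reads the hostname from the right-hand side, which is why a link that merely starts with zoom.us, or places it before an "@", is not treated as official.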
Why Do You Need to Stay Alert and Increase Your Staff Cybersecurity Awareness?
Hackers can use Zoom phishing attacks to steal your logins and sell them on the dark web. Alternatively, they can use such credentials to access and take control of your other online accounts. Worse still, such attacks can be launched to trick your employees into clicking links that install malware into your systems.
As remote working is becoming the norm, video conferencing has become an indispensable component of the workspace. Therefore, your business needs to invest more in safeguarding Zoom, Teams, and other online collaboration spaces.
TREYSTA Technology Management is with you throughout every step of this journey. Give us a call now at (888) 242-0244 for the best cybersecurity solutions in and around Pennsylvania.