- Be suspicious of any email from unknown senders
- Never open an unknown attachment or click a link in a suspicious email
- Keep a keen eye out for lookalike domains, misspelled websites, and other red flags
- If making a purchase online, order directly from the retailer’s website, rather than from a promotional link in an email
Is Your Zoom Meeting Truly Secure? The Latest COVID-19 Phishing Trend
Cybercriminals have been taking advantage of the looser security that pandemic-related, work-from-home has provided — launching malware, phishing attacks, and more. Now a new pattern is emerging: targeting telecommunications platforms.
If you’ve been using Skype, Zoom, or Google Meet to connect with your co-workers or family, it’s time to be vigilant. While previous COVID-19 related scams typically involved hackers posing as health organizations delivering important news – Google’s Threat Analysis Group reported blocking 18 million pandemic-themed scam emails per day – the latest technique takes aim at the now-ubiquitous use of video conferencing applications.
Recent research found that out of the 1,700+ Zoom-related domains registered in a three-week period, 4% were suspicious or possibly malicious. The fake domains are used to resemble meeting notifications, complete with COVID-19 themed email alerts, inviting unsuspecting targets to download malware, reveal password information, or otherwise compromise their security.
It’s not limited to Zoom. New phishing sites have been spotted for every major communications app, including the classroom.google.com, which was impersonated by googloclassroom\.com and googieclassroom\.com.
Telework isn’t going away anytime soon, so it’s important for cybersecurity and resilience professionals to regularly check in with staffers and remind them of the basic steps they can take to protect themselves: