Zoom is one of the first names that comes to mind when you think of tools for remote working and online chatting.
However, its popularity has paved the way for cyber criminals. They’re using its name to steal sensitive information.
At least six convincing-looking download sites have been discovered by researchers. They are not the real deal. They are intended to entice you into downloading FAKE Zoom software that contains ‘information stealers’ and other forms of malware (malicious software).
Use one of these sites by mistake, thinking you’re downloading a Zoom update… and you risk having sensitive data stolen. Perhaps your banking information, passwords, or browser history.
Some people can even steal your multi-factor authentication information. This could provide cybercriminals with access to your most sensitive information.
The study also discovered ‘stealer logs’ for sale on the dark web, where criminals can purchase this information and use it to gain access to business networks.
Once a cyber criminal gains access to your network, any data you store becomes a target. In extreme cases, this may expose you to ransomware attacks or data theft.
While these fake websites can be extremely convincing, take these simple precautions to avoid being fooled:
- Before downloading the Zoom application (or any application), double-check the website address. Is it what you expected? If you clicked an email to get to that site, are you 100% sure it’s from the real company?
- Examine the rest of the web page as well, looking for anything that doesn’t seem right, such as spelling errors or a clunky layout.
- Ensure that your security software is up to date and actively scanning for malware and suspicious downloads.
- Make a plan to implement this advice throughout your organization.
If you need any help or advice to keep your business protected from malware and other security threats, get in touch.