Cyber criminals target Zoom, other work-at-home communication apps

Our increased dependency on technology during this period of self-isolation, especially our heavy reliance on Zoom, has not been overlooked by cyber criminals.

According to the security software company, Checkpoint, there has been a "major increase in new domain registrations with names including “Zoom” ... Since the beginning of the year, more than 1700 new domains were registered and 25% of them were registered in the past week. Out of these registered domains, 4% have been found to contain suspicious characteristics."

They point out that Zoom isn't the only application targeted by cyber criminals, with new phishing websites "for every leading communication application, including the official classroom.google.com website, which was impersonated by googloclassroom\.com and googieclassroom\.com." They have also detected malicious files with names such as  “zoom-us-zoom_#.exe” and “microsoft-teams_V#mu#D_#.exe”.

To enhance your security when working with Zoom, we recommend reading the new addition to the Zoom collection of IT Knowledgebase articles, Zoom enhanced security settings for teaching, whether you're conducting a class or meeting. It includes tips on how and why to configure your Zoom profile to "Only authenticated users can join meetings", "Play a sound when participants join or leave", "Allow host to put attendee on hold”, enable the "Waiting Room" feature, and how to remove users from a class or meeting if necessary.

And as a reminder of how to spot and stop a phishing email, read Spot, Protect Yourself, and Recover from Phishing  (or brown.edu/go/phishing).

Phishing
Phishing Email (in the wild)

Written by pfalcon@brown.edu on