Page Loader
Hackers are using Zoom, Google Meet for phishing attacks

Hackers are using Zoom, Google Meet for phishing attacks

May 12, 2020
09:19 pm

What's the story

The spread of COVID-19 has surged the global demand for video-conferencing services like Zoom and Google Meet. From students to professionals, everyone is switching to these platforms to get their day to day tasks done from the safety of their homes. But, as it turns out, hackers are also using these platforms - for carrying out sophisticated phishing attacks. Here's all about it.

Issue

Domains matching those of Zoom, Google Meet registered

In a recently-published report, researchers at Check Point revealed that hackers have lately been registering domains matching those of Zoom, Google Meet, and Microsoft Teams. They said the URLs have minor differences but could easily be used to pose as the official site and trick users into downloading dangerous malware or giving away access to their personal information, The Verge reported.

Details

Nearly 2,500 Zoom-related domains registered

Out of the questionable domains flagged in the last three weeks, as many as 2,449 were found to be related to Zoom, with 32 of those being flagged as 'malicious' and 320 being categorized as 'suspicious'. The researchers also noted a case in which an email that appeared to have come from Microsoft Teams downloaded a malware instead of redirecting to the Teams app.

WHO phishing

WHO's name also being used for phishing

Along with these services, hackers are also using the name of WHO for attacks. As per Check Point, they are either sending fake emails to solicit donations - and trick people into paying money to Bitcoin wallets - or are attaching files capable of downloading malware with them. The researchers also cited a few examples of such emails in their report.

Information

Google had also warned about fake WHO emails

Last month, Google had also raised alarms on phishing emails in the name of WHO and other organizations. The internet giant had revealed that it has seen a surge in scams around COVID-19 and is blocking over 18 million malicious emails daily.

Protection

How to stay protected?

To dodge such scams, double-check the URL tab and make sure to open only official websites of services like Zoom, Google Meet, and Microsoft Teams. Also, do keep a close eye on incoming emails and avoid clicking on any suspicious link/attachment in those messages, even if it is a message for claiming a reward or an urgent warning for account-related changes.