Zoom Phishers Register 2000 Domains in a Month
April 3, 2020 Share

Zoom Phishers Register 2000 Domains in a Month

Over 2000 new phishing domains have been set up over the past month to capitalize on the surging demand for Zoom from home workers, according to new data from BrandShield.

The brand protection company analyzed data from its threat hunting system since the start of the year, and found 3300 new domains had been registered with the word “Zoom” in them.

The vast majority of these (67%) were created in March, as the COVID-19 pandemic forced lockdowns in multiple European countries and across parts of the US.

With surging levels of interest in Zoom and other video conferencing apps, comes renewed scrutiny from cyber-criminals.

Nearly a third (30%) of the new “Zoom” websites spotted by BrandSheild have activated an email server, which the firm claimed proves these domains are being used to facilitate phishing attacks.

These could include attempts to: covertly download malware to the victim’s machine, steal money from Zoom users who think they’re buying a subscription and harvest user details to compromise accounts and/or infiltrate sensitive calls.

“With global businesses big and small becoming increasingly reliant on video conferencing facilities like Zoom, sadly, cyber-criminals are trying to capitalize,” argued BrandShield CEO, Yoav Keren.

“Businesses need to educate their employees quickly about the risks they may face, and what to look out for. The cost of successful phishing attacks is bad for a company’s balance sheet at the best of times, but at the moment it could be fatal.”

The news comes as experts continue to warn Zoom users of the potential security risks involved in logging-on to the video conferencing app.

The app was banned for employee use by the UK’s Ministry of Defence (MoD), although the Prime Minister, Boris Johnson, still used it for a Cabinet meeting.

Experts have urged users not to share meeting IDs on social media, and to ensure they generate a password for each meeting, or else risk being “Zoombombed” — that, is having uninvited guests enter the meeting.

Trend Micro principal security strategist, Bharat Mistry, argued that cyber-criminals are always on the lookout for opportunities to make a fast buck from globally trending news.

“It’s no surprise that hackers are looking to take advantage and exploit the current situation with Covid-19 especially with the mass explosion of remote working and even remote social interactions taking place,” he told Infosecurity.

Privacy experts have also expressed concerns over employer monitoring of their staff, as admin settings can provide detailed usage statistics for each employee.

Toni Vitale, head of data protection at JMW Solicitors, argued that transparency is key.

“Employees need to be told that their activities are being monitored,” he said. “In the rush to get everyone online I doubt many companies checked their HR policies.”

This post Zoom Phishers Register 2000 Domains in a Month originally appeared on InfoSecurity Magazine.

Read More