Zoom Brings New Cybersecurity Threats to the Table

A more remote workforce means more remote meetings. As COVID-19 stay-at-home orders continue around the globe, companies are turning to teleconferencing platforms to stay connected – and there’s nothing that cybercriminals love more than exploiting a new route of attack like Zoom. 

• Fraudulent files with “Zoom” prominently featured in the name are a growing risk to users who think they’re installing Zoom’s official software but are really installing malware.
• Sometimes Zoom imposter files contain InstallCore, allowing cybercriminals to remotely deploy keyloggers and other applications at their leisure. 
• Thousands of sites have been recently created with “Zoom” in their name and many will be used to facilitate phishing attacks against unwary workers and companies. 
• Fake invitations to Zoom meetings are luring unsuspecting staffers to join by clicking spurious links that allow hackers to harvest personal information and passwords.   
• Stolen Zoom account credentials are available for free in Dark Web markets, including 352 discovered by a cybersecurity firm less than two weeks ago.

The popularity and usefulness of Zoom and similar tools will only continue to grow. Avoid the Zoom-related traps set by the bad guys by staying alert to the possible vectors of infection that staffers will encounter while teleconferencing.

• If you aren’t already using multifactor authentication, add it now to prevent stolen or cracked passwords (the top cause of data loss) from being useful to cybercriminals.   
• Invest in quality Dark Web monitoring to be alerted right away if your company’s sensitive data, employee information, logins, and passwords or Zoom credentials are for sale. 
• Make sure that every user is aware of the threats posed by cameras when using video calls and video conferencing software like Zoom, including concerns about information privacy. 
• Keep everyone on the alert for phishing attempts using unexpected tricks by increasing training in spotting and shutting down phishing attempts. 

No company can afford a data breach in today’s challenging economy. Acting now to address the danger posed by video conferencing tools like Zoom will pay off later by mitigating these new risks to your systems and data – as well as your bottom line.