When you think about tools for remote working and chatting online, one of the first names in your mind is Zoom.
But its popularity has opened the door for cybercriminals. They’re using its name to steal sensitive data.
Researchers have discovered at least six convincing-looking download sites. They’re not the real thing. They’re designed to tempt you to download FAKE Zoom software containing ‘info stealers’ and other malware (malicious software).
Accidentally use one of these sites thinking you’re downloading a Zoom update… and you risk having sensitive data stolen—possibly your banking info, passwords, or browser history.
Some can even steal your multi-factor authentication details. That could give cybercriminals access to your most sensitive data.
The research also found these ‘stealer logs’ for sale on the dark web, where criminals can buy and use this information to gain access to business networks.
Once a cybercriminal has access to your network, every piece of data you have stored becomes a target. In extreme cases, this can leave you vulnerable to ransomware attacks or data theft.
While these fake sites can be incredibly convincing, take these simple steps to avoid being fooled.
- Before you download the Zoom application (or any application), double-check the address of the website you’re on. Is it what you’re expecting? If you clicked an email to get to that site, are you 100% sure it’s from the actual company?
- Study the rest of the web page, too, looking for anything that doesn’t ring true, such as spelling mistakes or a clunky layout.
- Make sure your security software is up to date and is actively scanning for malware and suspicious downloads.
- Have a plan to roll out this advice across your business.
Get in touch if you need help or advice to protect your business from malware and other security threats.