Hackers are spoofing Zoom, Microsoft Teams and Google Meet

Check Point Research warns users about a rise in coronavirus-related phishing attacks

Padlock being lifted by a fishing hook on a blue background to symbolise phishing attacks

According to a new report from Check Point Research, hackers have registered domains that allow them to create URLs related to Zoom, Microsoft Teams and Google Meet.

As more and more people move to video conferencing services during the pandemic, hackers can use these domains to pose as official links, potentially tricking users into downloading malware or giving a threat actor access to personal data.

As remote work has become the norm for many, Check Point Research has found that in the last three weeks, nearly 2,500 new Zoom-related domains have been registered. Check Point has cited approximately 1.5% of these domains as malicious by while another 13% are suspicious. 

Microsoft Teams- and Google Meet-related domains have been used to lure in unsuspecting victims too. Check Point Research claims many victims fell prey to phishing emails with the subject line “You have been added to a team in Microsoft Teams.” 

The emails included a malicious URL and tricked users into downloading malware when clicking the “Open Microsoft Teams” icon. When it comes to Google Meet, hackers have used fake domains like Googelmeets\.com. 

Regardless of which platform they’re impersonating, Check Point Research notes a 30% increase in coronavirus-related attacks when compared to previous weeks. The group noted that as the pandemic has progressed, so have the domains and phishing scams related to it. 

At the beginning of the outbreak, domains related to coronavirus symptoms were common, but Check Point Research has noted a shift toward domains focused on relief packages and stimulus payments.

Fortunately, users can protect themselves from these phishing attacks. Check Point Research warns users to beware of lookalike domains, spelling errors in emails and websites, and unfamiliar email addresses.

The group also warns against opening files received from unknown senders and urges users to beware of any special offers related to the coronavirus and any potential treatments or cures.

Featured Resources

Shaping the workplaces of the future

Rise to the challenge

Download now

Enabling a hybrid future

A guide to setting up new working practices

Download now

Seven steps to successful digital innovation and transformation

What to invest in and what to avoid when pursuing digital transformation

Watch now

Defend your organisation from evolving ransomware attacks

Learn what it takes to reduce risk and strengthen operational resiliency

Download now

Recommended

X-rated phishing attacks just keep growing
phishing

X-rated phishing attacks just keep growing

4 Jun 2021
eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020
phishing

eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020

20 Apr 2021

Most Popular

Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
Fastly blames software bug for major outage
public cloud

Fastly blames software bug for major outage

9 Jun 2021
GitHub to prohibit code that’s used in active attacks
cyber security

GitHub to prohibit code that’s used in active attacks

7 Jun 2021