Hackers are spoofing Zoom, Microsoft Teams and Google Meet

Check Point Research warns users about a rise in coronavirus-related phishing attacks

Padlock being lifted by a fishing hook on a blue background to symbolise phishing attacks

According to a new report from Check Point Research, hackers have registered domains that allow them to create URLs related to Zoom, Microsoft Teams and Google Meet.

As more and more people move to video conferencing services during the pandemic, hackers can use these domains to pose as official links, potentially tricking users into downloading malware or giving a threat actor access to personal data.

As remote work has become the norm for many, Check Point Research has found that in the last three weeks, nearly 2,500 new Zoom-related domains have been registered. Check Point has cited approximately 1.5% of these domains as malicious by while another 13% are suspicious. 

Microsoft Teams- and Google Meet-related domains have been used to lure in unsuspecting victims too. Check Point Research claims many victims fell prey to phishing emails with the subject line “You have been added to a team in Microsoft Teams.” 

The emails included a malicious URL and tricked users into downloading malware when clicking the “Open Microsoft Teams” icon. When it comes to Google Meet, hackers have used fake domains like Googelmeets\.com. 

Regardless of which platform they’re impersonating, Check Point Research notes a 30% increase in coronavirus-related attacks when compared to previous weeks. The group noted that as the pandemic has progressed, so have the domains and phishing scams related to it. 

At the beginning of the outbreak, domains related to coronavirus symptoms were common, but Check Point Research has noted a shift toward domains focused on relief packages and stimulus payments.

Fortunately, users can protect themselves from these phishing attacks. Check Point Research warns users to beware of lookalike domains, spelling errors in emails and websites, and unfamiliar email addresses.

The group also warns against opening files received from unknown senders and urges users to beware of any special offers related to the coronavirus and any potential treatments or cures.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Most Popular

Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020