Hackers spoofing Zoom, Microsoft Teams, Google Meet for phishing scams

The remote working due to COVID-19 outbreak has raised concerns around the security of tools used by professionals. Hackers have started impersonating Zoom, Microsoft Teams, and Google Meet-related URLs on the Internet.

A recent report by the Check Point Research highlights the phishing domains registered by cybercriminals. In just the three weeks, 2249 Zoom-related domains have been registered. Check Point Research has identified that 32 of these domains are malicious while 320 are suspicious.

Hackers are sending emails representing official emails from Microsoft Teams, luring people to click on the hidden link. The malicious URL downloads a malware on the victim’s computer. The phishing email is usually with a subject line that reads, “You have been added to a team in Microsoft Teams.”

Google Meet related domains are also used to lure users to visit a malicious link. Hackers have used fake domains like Googelmeets.com. Cybersecurity experts claim that many victims fall prey to phishing scams.

The report also mentions that there is a 30% increase in Covid-19 related attacks this week. As the pandemic has progressed, these domains and phishing scams are on the rise.

Hackers have also tried sending phishing emails posting as the World Health Organisation (WHO) with an attachment that downloads malware. The report also includes two emails soliciting donations for the WHO and the United Nations, but the funds were sent to several bitcoin wallets.

During the initial days of the COVID-19 pandemic, the scams related to Coronavirus symptoms were common. Check Point Research has noted that a shift towards domains focused on relief packages and stimulus payments.

Check Point warns users to beware of lookalike domains, spelling errors in emails and unfamiliar email addresses. It is also important not to open attachments received from unknown senders.