Growing suspicious Zoom-related domains–cyber criminals aim for popular video conferencing services

Check Point Software Technologies uses Zoom and other materials as a means of preventing new types of coronavirus infection [COVID-19], as school leave and telecommuting are increasing and users of the video conferencing service "Zoom" are increasing. Watch out for cyber attacksCalled.

The number of domain registrations containing the character string "Zoom" surges [Source: Check Point]

The number of domain registrations containing the character string "Zoom" surges [Source: Check Point]

人 More and more people are unable to attend schools and businesses, and it has become commonplace to conduct remote classes and online meetings with video conferencing services such as Zoom. According to Check Point, the number of domain registrations containing the string "Zoom" has surged in recent weeks. Since 2020, there have been more than 1,700 new domain registrations, of which 25% were registered in the past week. And 4% of these registered domains showed suspicious signs.

These suspicious domains may have been abused in phishing attacks. Of course, anything other than Zoom can be a source of cyber attacks. For example, there were domains such as "googloclassroom .com" and "googieclassroom .com." That resembled Google's educational website "classroom.google.com." In addition, "zoom-us-zoom _ ##########. Exe" "microsoft-teams_V # mu # D _ ##########. Exe" ["#" Attack files with names such as "numbers"] are also available.

Point To protect yourself from such attacks, Check Point introduced the following measures.

  • Be careful with emails and files received from strangers, especially those related to special offers and discounts.
  • Don't open unknown attachments in emails. Do not click links.
  • Beware of imitation domain names, misspelled emails and websites, and unfamiliar senders.
  • Order products from trusted sites. To do so, do a search on Google to find the site you want, rather than clicking the promotional link in the email.
  • Implement a comprehensive security architecture to protect systems from zero-day attacks targeting vulnerabilities that have not been provided with a security update.

Source link

Do you like this article??

Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button