As the usage of Zoom has skyrocketed during the coronavirus outbreak, the company has had to respond quickly to security flaws and potential phishing attacks
As Zoom usage skyrockets around the world, so too do the opportunities to exploit users unfamiliar with the tool.
The Zoom platform has increasingly has been the target of hackers exploiting the vast numbers of users working from home. For context, the company noted that as of December 2019, the most significant amount of daily users was 10 million. In March, that number ballooned to 200 million.
For many exploits, it starts with a website.
According to Check Point, more than 1,700 domains had been registered using the word zoom in the first three months of 2020. Many of those domains point to an email server, which can indicate the site is part of a phishing scheme.
Remote workers may receive seemingly official meeting notices using the Zoom platform. Hackers ask recipients to head to a login page and enter their corporate credentials.
It’s a perfect storm that’s playing into the hands of hackers. It also means companies need to be vigilant in helping users understand how to access and use the platform and other tools used in this paradigm shift of how work is done.
“Zoom users should be aware that links to our platform will only ever have a zoom.us or zoom.com domain name,” a spokesman noted. “Prior to clicking on a link, they should carefully review the URL, being mindful of lookalike domain names and spelling errors.”
Zoom has had to take several steps recently to address security concerns related to its dramatic usage growth. The company has increased its training sessions and reduced customer service wait times. Here are several of the other issues that Zoom has addressed:
The company announced it was freezing all feature enhancements to redeploy software engineers to focus on what it calls “our biggest trust, safety, and privacy issues.”
Here are some tips to ensure that Zoom users are protected:
Cybersecurity is a sad reality in these turbulent times. However, a focus on prevention and detection are important deterrents to cybercriminals and can reduce the risks to your business.