Hackers are impersonating popular video conferencing apps like Zoom, Google Meet and Microsoft Teams in a new form of phishing scams.
A new report from Check Point Research outlines that since lots of people are using these services during the COVID-19 pandemic, hackers have registered domains to pose as the services and get users to download malware or allow unauthorized access to sensitive information.
The research firm has found 2,449 domains related to Zoom in the past three weeks. It concluded that 32 of the links are malicious and 320 of them are considered suspicious.
Further, users have fallen prey to a phishing campaign that poses as Microsoft Teams. For instance, hackers are sending out emails titled: “You have been added to a team in Microsoft Teams.” The emails contain a malicious link, and victims ended up downloading the malware when they clicked on the fake “Open Microsoft Teams” icon.
There have also been several fake Google Meet links that led users to suspicious websites in attempts to retrieve personal information.
Check Point Research notes that there are also several phishing email campaigns that pose as the World Health Organization. Some of the emails include files that download malware onto devices, while others ask for donations for the WHO and UN to be sent to bitcoin wallets.
The firm outlines that hackers are registering virus-related domains to represent different stages of the pandemic around the world. The start of the pandemic brought several fake live map domains, and towards the end of March there were relief-based scams related to stimulus payments and government aid.
“Since several countries have started easing restrictions, and begun planning the return to normal life, domains related to life after the coronavirus have become more common, as well as domains about a possible second wave of the virus,” the report states.
So far, there have been 90,284 new domains registered globally in relation to COVID-19.