With the spike of Zoom usage since the beginning of the pandemic has also come the spike of Zoom-themed phishing attacks. These criminal campaigns have also affected Teams.
When the pandemic began and a large portion of people began working remotely, attackers used this time to adapt and improve their lures to exploit the dependence on video-conferencing platforms. Scammers have registered more than 2,000 Zoom-related domains from late April to early May of this year alone; the domain names include the word ‘Zoom’ or ‘Teams’ which can then be used to send phishing attacks that look as though they are coming from the official video conferencing services. Though the finding is not surprising, it serves as a reminder to stay alert and aware of how to defend yourself against such attacks.
Some security best practices include double checking the sender’s information for any invites you receive, not clicking the links on unsolicited emails, and resolving issues directly rather than through a communication that might not be legitimate. If you have any questions or would like to discuss these tactics further, feel free to contact the office.