Are you downloading a Zoom update … or is it malware?

One of the first names many of us think about for video calls and online meetings is Zoom (although there are many alternatives!).

However, its popularity has made it a target for cybercriminals. They’re using the brand name’s familiarity to steal sensitive data.

Researchers have discovered at least six convincing-looking download sites that are not real. They’re designed to tempt you into downloading FAKE Zoom software containing ‘info stealers’ and other malware (malicious software).

If you accidentally use one of these sites because you think that you’re downloading a Zoom update, you risk having sensitive data stolen. That could mean your bank details, passwords or browser history. Some can even steal your multi-factor authentication details, giving cybercriminals access to your most sensitive data.

The research also found these ‘stealer logs’ for sale on the dark web, where criminals can buy and use the information to gain access to business networks.

Once a cybercriminal has access to your network, all the data you store becomes a target. In extreme cases, this can leave you vulnerable to ransomware attacks or data theft.

These fake sites can be incredibly convincing. We recommend these simple steps to avoid being fooled

• Before you download the Zoom application (or any application), double-check the address of the website you’re on. Is it what you’re expecting? If you clicked a link in an email to get to that site, are you 100% sure it’s from the actual company?
• Study the rest of the web page, too. Look for anything that doesn’t ring true, such as spelling mistakes or a clunky layout.
• Ensure your security software is up to date and actively scanning for malware and suspicious downloads.
• Have a plan to roll out this advice across your business.

Get in touch if you need help or advice to protect your business from malware and other security threats.

Adapted from an original article on Your Tech Updates (with permission).