Skip to main content

Zoom attracting malware attacks: How to protect yourself

Zoom attracting malware attacks
(Image credit: Budrul Chukrut/SOPA Images/LightRocket via Getty Images)

Zoom's rising popularity among housebound workers and students isn't all meetings, fun backgrounds and online happy hours. The recent surge in Zoom usage makes the video conferencing software a timely target for crafty cybercriminals.

Although there have been few cases of Zoom-related malware at present, exploitation is almost inevitable given the 21% increase in active Zoom users in the month of February alone. It's likely to have grown much more in March as stay-at-home orders reached three-quarters of the U.S. population. 

What has simultaneously swelled is the number of registered domains that include the word "zoom." According to a new report from Check Point Research (via Bleeping Computer), since the beginning of the year "more than 1,700 new domains were registered and 25% of them were registered in the past week."

(Image credit: Check Point Research)

Check Point Research found that 4% of the new Zoom-related domains have "suspicious characteristics," meaning there's at least a few bad actors looking to benefit from Zoom's popularity. 

These phony domains are likely parading as some variation on zoom.us, the official website for downloading Zoom to your computer. It's possible some of the questionable pages were launched in hopes of tricking unsuspecting users into installing malware on their devices. 

A mass malware attack targeting Zoom users has not happened yet, although there's evidence hackers are testing the waters. In scanning the new Zoom domains, Check Point Research detected malicious files with names like “zoom-us-zoom_##########.exe” (with the pound signs representing random numbers).

Downloading the .exe file allows a potentially unwanted application called InstallCore to run on a victim’s computer, which could lead to additional software installations without the user's knowledge.

Zoom is not the only hot software targeted by cybercriminals right now. Check Point Research has discovered phishing websites for a number of other digital communication platforms, including Google Classroom and Microsoft Teams.

Zoom malware: What you can do

If you've already downloaded Zoom to your device, there's no need to visit a Zoom website to use the video conferencing platform. Update your computer's built-in security software regularly, and check out the best antivirus software for added protection.

If you're looking to use Zoom for the first time, make sure you're downloading it directly from zoom.us. You should not attempt to download the Zoom app from any other website. The same goes for any other video conferencing software.

Be skeptical of emails and files you receive from unknown senders. Common flags to look out for are misspelled words, poor grammar, the addition of random numbers and anything offer you a sale or discount. 

For example, an email from z00m.us1 offering you a $100 gift card for downloading Zoom "right now!" would be bad news. Report it as spam. 

With that, try not to click on attachments or links within suspicious emails. If you're working from home for the first time and are still not sure whether an email is from your organization, ask your IT team for direction.

You can also learn how to delete Zoom if you're done with the service altogether.

For more tips on keeping your network, devices and personal information safe during the coronavirus pandemic, check out our coronavirus scams advice guide.