Zoom Phishing: What your employees should know

With Zoom phishing emails, cybercriminals try to trick your staff

Remote workgroups have learned to lean on Microsoft Teams and Zoom as platforms for connecting during the pandemic; rest assured, cybercriminals have taken notice. Since the pandemic, Microsoft Teams and Zoom phishing attacks have skyrocketed, so it's essential for your workforce to know how to recognize Zoom phishing emails and other phishing attempts. If you fail to educate workers on how to spot and thwart a phishing attack then your company's data and capital could be at risk.

Here's how to spot a Zoom phishing email

Scam artists are often quick to capitalize on the latest business tools by leveraging the trust of your employees. Spotting a Zoom phishing email or any phishing email is vital to your network security, particularly as workforces are increasingly dispersed. The experts at Locknet Managed IT have pulled together four tips to help your employees spot a Zoom phishing email or other phishing attempts.

1. Realize that scammers register domains that look legitimate, and create communications that appear to come from a trustworthy company. Cybercriminals are adept at registering domains that trick users into thinking they are legitimate. In just one month last year, they registered nearly 2500 domains with Zoom-related names. The result? It takes a keen eye to spot scammers, so making sure your staff are up to date on their security training is vital to your network security. It's critical that your staff learn to read the sender's information very carefully before opening, downloading, or clicking on anything within that communication.
   
   
2. If the communication is unsolicited, avoid clicking on any links or files. Cybercriminals bank on recipients being naive and trusting. A single download of a malicious attachment can result in the installation of malware on your system. Staff simply must be trained to avoid clicking on or downloading anything that comes from someone they don't know or anything that seems remotely suspicious.
   
   
3. Know that attacks can come in from a variety of platforms. Zoom phishing attacks aren't necessarily all emails. Some come in the form of text messages or even direct messages on social media. They typically contain a link and prompt you to address a problem with your account—like, reactivation, or rescheduling a meeting.
   
   
4. Contact the company directly. It's all too easy to think an issue is legitimate and click through a communication that appears to come from a company. An easy workaround is to go to the site directly by typing the company's address into your browser and following up with that company's support team. Don't ever trust the links in a suspicious message even if they appear to go to a legitimate site.

Security training and education for your employees

Phishing attacks and other scams in the digital space are always evolving, often capitalizing on trends to catch users unaware. In times of great change, like we've witnessed during the pandemic, it can be easy for security training and education to be put on the back burner. But as the prevalence of these Microsoft Teams and Zoom phishing attacks shows us, it's essential to keep workers trained on how to spot security risks and how to protect your network even from the most sophisticated attack attempts. The security experts at Locknet Managed IT are here to help every step of the way. Whether you want the latest information on Microsoft Teams and Zoom phishing emails or other risks to your network, contact us for more information about how we can help keep your workforce at the ready, and cybercriminals at bay.