The cyber criminals are always looking for new opportunities to steal data from the Internet, access corporate information and, ultimately, make money from it all. The current situation caused by Covid-19 has opened a range of possibilities and experts warn that there is a wave of cases of ‘phishing’, extortion, ‘ransomware’ and attempts to breaches and data breaches in the last few years. weeks.
The increase in teleworking and the need to communicate with loved ones from a distance have caused an unprecedented upturn in the use of video conferencing applications and this poses a risk, both for companies and for private users. Although it is not the only objective of cybercriminals, the Zoom app has been the subject of some of the most outstanding incidents so far this year.
“There are several risks to be aware of. The first is that of several new vulnerabilities discovered on this platform: one of them could allow hackers to steal Windows passwords, and two others could allow attackers to remotely install malware on the affected Macs and spy on the meetings “, warns José Battat, CEO of Trend Micro Iberia.
Cybercriminals know that users are massively searching for ways to communicate during government-mandated confinements. By creating legitimate-looking links and websites from Zoom – which is one of the most used ‘apps’ – they could steal financial details, spread ‘ malware ‘ or collect ‘app’ ID numbers, allowing them to infiltrate in virtual meetings. A provider found that 2,000 new domains had been registered in March alone, more than two-thirds of the year total so far.
With just access to a meeting , ‘hackers’ could collect highly sensitive or market-critical corporate information, and even spread ‘malware’ through a file transfer feature. These problems at the business level can also affect private users, either by stealing personal data or by accessing meetings (sometimes between minors) to post offensive comments or transmit inappropriate content, for example.
Tips from the experts
Trend Micro offers a series of security recommendations, based on simple questions, such as having the applications always updated to the latest version or “making sure that all teleworkers – in the case of companies – have a program ‘anti-malware’, including detection of installed ‘phishing’ from a trusted provider .