How to stay safe using Zoom while remote working

Due to the increase in remote working, you’ll probably have heard of the app Zoom. It enables many of us in London and elsewhere to stay connected to our businesses and colleagues while having to work from home. Zoom is a cloud-based communication platform used for video conferencing, online meetings, chats, mobile collaboration and more. However, if there’s one truth in the IT security world, it’s that cybercriminals are never far behind the curve. They are constantly looking for any opportunity to deceive, lure and exploit people. And sure enough, attackers are attempting to take advantage of the app’s increasing user base amongst small to medium-sized businesses. So, we’ve put together this guide to show you how to stay safe using Zoom while remote working.

Awareness is key when you want to know how to stay safe using Zoom while remote working

During the Covid-19 pandemic, the platform has increased from 10 million users to a whopping 200 million! As of April 2023, Zoom had over 800 million monthly users logging on worldwide. In addition, hundreds of new Zoom domains have been registered since the start of 2020.

But while there had already been a huge rise in Coronavirus-themed malicious campaigns in 2020, researchers have reported a surge in suspicious Zoom domains. Unfortunately, cybercriminals and scammers are now targeting this collaboration tool and the people who use it.

So, if you and your team are benefitting from the app, you will quite rightly want to know how to stay safe using Zoom for remote work. In that case, keep reading and follow our tips for support.

Knowledge is power when it comes to Zoom and your cybersecurity

In this blog post we’re going to take a closer look at the cybersecurity threats that have arisen in the Zoom user space. This way you and your team can keep your IT infrastructure, data, IP, and financial and confidential information safe while remote working and using the app. Below you’ll discover:

  • Zoom hacking – how big’s the potential problem?
  • Some of the dangers that can lurk in the Zoom user space
  • What on earth is ‘zoombombing’?
  • How Zoom has dealt with privacy and security concerns
  • Why Zoom is still a sound collaborative platform choice
  • Top tips to ensure your safety on Zoom
  • Safe and secure meetings via Zoom

Zoom hacking – how big’s the potential problem?

In 2020, suspicious Zoom domains were highlighted as a source of risk, with 1700 new domains registered in the first three months. Analysis suggested that 4% of these registered domains contained suspicious characteristics.

Now, phishing Zoom links pose a large threat to businesses. Cybercriminals will hide malicious code in emailed Zoom chat links attempting to steal personal data, extract employee IDs and even hack business meetings. Zoom job scams are also potentially on the rise this year as the company itself has issued warnings to users. Often cybercriminals post fake job listings and conduct interviews through Zoom Team Chat, subsequently asking for bank details to deposit checks.

Cybercriminals believe the Zoom customer base offers potentially rich pickings because it’s used by more than just the small to medium-sized business community here in London. Indeed, 60% of the Fortune 500 use it and it’s been downloaded more than 50 million times from the Google Play app store.

Some of the dangers that can lurk in the Zoom user space

Cybersecurity experts have discovered a number of malicious files containing the word ‘Zoom’. This includes ‘zoom-us-zoom_##########.exe,’ where # represents various digits.

Executing such files can run InstallCore on the user’s computer. This could allow cybercriminals to load malware, unwanted third-party applications, or malicious payloads, depending on the attacker’s end goals.

It’s important to note that InstallCore is marked as a potentially unwanted application (PUA) or potentially unwanted program (PUP) by various security solutions providers. Why is this? InstallCore can, on occasion, disable User Account Control (UAC), add files that will launch on startup, install browser extensions, and generally interfere with a browser’s configuration and settings.

Zoom is not the only collaborative platform feeling the pressure from cybercriminals. A file related to the popular Microsoft Teams platform (“microsoft teams_V#mu#D_##########.exe”) has also been found.
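The file-name patterns quoted above can be turned into a simple hunting rule for download folders or endpoint logs. The following Python is an added example, not code from the researchers or from this article; the sample paths are constructed, and it assumes '#' also stands for a digit in the Teams file name.

```python
import re
from pathlib import PureWindowsPath
from typing import Optional

# File-name templates exactly as quoted in the article; '#' stands for one digit.
# Assumption: '#' also means a digit in the Teams name (the article says so only for Zoom).
TEMPLATES = {
    "zoom": "zoom-us-zoom_##########.exe",
    "teams": "microsoft teams_V#mu#D_##########.exe",
}


def compile_template(template: str) -> "re.Pattern[str]":
    """Escape the literal text, then turn each '#' into a single-digit match."""
    parts = (r"\d" if ch == "#" else re.escape(ch) for ch in template)
    # Windows file names are case-insensitive, so the rule is too.
    return re.compile("".join(parts), re.IGNORECASE)


RULES = {name: compile_template(t) for name, t in TEMPLATES.items()}


def match_installer(path: str) -> Optional[str]:
    """Return the rule name if the file name (not a folder name) fits a template."""
    name = PureWindowsPath(path).name
    for rule, pattern in RULES.items():
        if pattern.fullmatch(name):
            return rule
    return None


def scan(paths):
    """Map each suspicious path to the rule it matched; clean paths are omitted."""
    return {p: rule for p in paths if (rule := match_installer(p))}


# Constructed sample paths, as they might appear in a download-folder listing.
SAMPLE_PATHS = [
    r"C:\Users\sam\Downloads\zoom-us-zoom_1234567890.exe",
    r"C:\Users\sam\Downloads\Microsoft Teams_V3mu7D_0987654321.EXE",
    r"C:\Users\sam\Downloads\ZoomInstaller.exe",
    r"C:\Users\sam\Downloads\zoom-us-zoom_12345.exe",
]

if __name__ == "__main__":
    for path, rule in scan(SAMPLE_PATHS).items():
        print(f"{rule:5} {path}")
```

A match is a reason to quarantine and inspect the file, not proof of infection, and a renamed file will not match at all.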

New phishing websites have also been spotted for every leading communication application. This includes the official classroom.google.com website, which was impersonated by googloclassroom.com and googieclassroom.com, as researchers have found.
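One way to catch look-alike addresses such as the two above before anyone clicks is to compare each link's hostname with the services you actually use. This Python check is an added example, not part of the original article; the allow-list, the brand words and the one-edit threshold are assumptions to tune for your own organisation.

```python
from urllib.parse import urlsplit

# Assumption: registrable domains of the services your team really uses.
OFFICIAL = {"zoom.us", "google.com"}
# Assumption: brand words to watch for, taken from the names in this article.
BRANDS = ("zoom", "google", "classroom")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def near(label: str, brand: str) -> bool:
    """True if the brand, or a one-edit misspelling of it, occurs inside label."""
    if brand in label:
        return True
    if len(brand) < 6:  # short words: one edit matches too much ("room" vs "zoom")
        return False
    n = len(brand)
    for size in (n - 1, n, n + 1):
        for i in range(max(1, len(label) - size + 1)):
            if edit_distance(label[i:i + size], brand) <= 1:
                return True
    return False


def classify(url: str) -> str:
    """Return 'official', 'lookalike' (needs review) or 'unrelated'."""
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").rstrip(".")
    # Simplification: last two labels; production code should use the Public Suffix List.
    if ".".join(host.split(".")[-2:]) in OFFICIAL:
        return "official"
    labels = host.replace("-", ".").split(".")
    if any(near(label, brand) for label in labels for brand in BRANDS):
        return "lookalike"
    return "unrelated"
```

A "lookalike" result means the link borrows a brand name without belonging to its domain, so it should be reviewed before anyone opens it.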

Other researchers have seen Zoom users infected with the Neshta file. Neshta is malicious software that infects executable (.exe) system files. This can be very threatening to your cybersecurity as it uses these files to collect system information such as installed apps and SMTP e-mail accounts. It might also be used to target removable storage devices and networks. Neshta then sends the information to a web server controlled by cybercriminals.

Ultimately, malicious actors (i.e. cybercriminals) will lure users by impersonating the original website or a related service. As a result, they can gain the user’s trust and obtain their credentials, personal information, or payment details.

What on earth is ‘zoombombing’?

Some of Zoom’s features can be breached by cybercriminals. Vulnerable features include the monitoring of attendees, where hosts can be alerted if somebody navigates away from the video window. Other features can let administrators check in on their colleagues and access meetings that they were not present at.

If the Zoom reference number is shared on social media and the host fails to set screen-sharing to ‘host only’, this can allow uninvited guests to screen-share obscene or graphic imagery. This is known as zoombombing.

Another important security step a Zoom meeting’s host should undertake is to disable ‘file transfer’. This will prevent any malware being shared.

How Zoom has dealt with privacy and security concerns

In recent times, Zoom’s developers have had to patch and fix several security vulnerabilities.

Some threat actors were previously able to identify and join active, unprotected Zoom meetings to share device information to Facebook’s servers. The developers had to remove code from the Zoom iOS application to prevent users’ personal information being exploited.

Hackers also targeted Zoom users by remotely executing code on Macs where the application was uninstalled. They infiltrated devices via a maliciously crafted launch URL. An additional flaw further allowed remote attackers to force Windows, Linux and macOS users to join video calls with their video cameras forcibly activated.

All in all, Zoom has now made the app more secure. First and foremost, developers have improved password security. Passwords are now added by default to all future scheduled meetings, and password settings are enforceable by account administrators. A feature that automatically indicated whether a meeting ID was valid or invalid has been removed, and repeated attempts to scan for meeting IDs can now be blocked.

Why Zoom is still a sound collaborative platform choice

Despite the concerns, Zoom remains highly popular. Many believe it is still the best collaborative platform available in terms of ease of use, stability and video and audio quality.

So, like any technology, using Zoom can be great. However, you cannot allow your privacy and IT to be compromised, even for the benefits mentioned. Thus, it’s crucial that you and your team are alert to online threats while using downloaded software and apps.

Top tips to ensure your safety on Zoom

When you consider that 90% of cyberattacks start with a phishing campaign, the best action you and your team can take is to always adhere to basic security hygiene. So, we’ve put together some final tips you should follow to protect you from hackers and ensure you are staying safe using Zoom.

These include:

  • Being suspicious, cautious, and extra vigilant about unexpected, unrecognised and unsolicited messages. This can include e-mails, texts and social media posts, especially those including any mention of Zoom.
  • Being similarly sceptical about all e-mails and files from unknown senders. Emphasise the need for every member of your team to stop, think and check before clicking on or opening anything they do not recognise. This goes for anything – whether it mentions Zoom or not – especially when working remotely.
  • Keeping an eye out for spelling errors in URLs and poor grammar or poor English in e-mails. These are usually a dead giveaway of a scamming communication.
  • Only ever downloading software via direct download links and trustworthy, official sources.
  • Updating and patching your installed Zoom software and operating systems using tools designed by the app’s official developers.
  • Never using ‘Shadow IT’ or third-party activation (‘cracking’) tools from unofficial sources as these can infect computers with malware.
  • Having reputable antivirus and anti-spyware software installed across all your teams’ computers and devices, and then regularly scanning those devices.
  • Whether in relation to using Zoom specifically or your cybersecurity in general, it pays dividends to train and educate your team. This creates an effective first line of defence for your business, IT infrastructure, data, IP and confidential information.

Safe and secure meetings via Zoom

Our commitment and focus is to keep your business, people, and resources safe and secure.

We’ve built an enviable reputation for having one of London’s leading managed IT services and cybersecurity teams. Since our formation in 2008, we’ve earned Five Star customer service ratings from TrustPilot, Feefo and Google as well as a 98% client retention rate.

So, if you’d like to learn more about how to protect your remote team when collaborating via Zoom, why not reach out to the totality services team for support? Don’t hesitate to call us and have a confidential, no obligation chat about your requirements.