Security researchers at Check Point Software Technology Ltd. said today they’ve observed a sharp rise in the number of fake “Zoom” domains registered in the last week as more and more people switch to remote working during the global coronavirus pandemic.

The researchers found 1,700 new domain names containing the word “Zoom” since January with 25% of the domains registered in the last week. Seventy of the domain names were found to be suspicious. Fake sites impersonating the genuine Zoom domains led the pack, with hackers attempting to capture users’ personal details.

The numbers reinforce the trend of hackers taking advantage of millions now working from home through Zoom with the app used by 60% of Fortune 500 companies. The app has been immensely popular during the pandemic, rising to the top of app downloads in the last week of March.

Other fake sites were also found to be offering malicious files that pretend to be Zoom software. In one example, fake Zoom software was found to include the InstallCore application that installs other potentially unwanted applications on a victim’s computer.

“This increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced and are seeing it as an opportunity to deceive, lure and exploit people,” said Omer Dembinsky, manager of cyber research at Check Point.

Check Point recommends that users follow a number of safety tips to protect against Zoom phishing attempts. The first is to be cautious with emails and files received from unknown senders, along with not opening unknown attachments or clicking on links claimed to come from Zoom. On the email side, they also recommend that users look out for lookalike domains, spelling errors in emails and websites, as well as unfamiliar email senders.

Photo: christopherblizzard/Flickr