Exploiting the Coronavirus: Malicious Zoom Installer

Whether you're working from home or trying to stay in touch with loved ones, video conferencing apps like Zoom are becoming the new normal. Cybercriminals have exploited this type of application before, but their latest scam may be the trickiest yet.

Scammers are sending out phishing emails with links to download the latest version of Zoom. When clicked, the link takes you to a third-party website – not the official Zoom site – to download an installer. If you download and run the file, the program does install Zoom. The trick is that the installer also places a remote access trojan (RAT) on your computer. This RAT gives cybercriminals the ability to observe everything you do on your machine. This includes keylogging (saving what you type), recording video calls, and taking screenshots–all of which can be used to steal your sensitive information.

Don't fall victim to this scam! Remember the following:

• If an email directs you to install or update an application, do not click on the link in the email. Instead, go directly to the official website through your browser. This ensures you are accessing the real page and keeping your credentials safe.
• When using a work device, reach out to your IT department before installing any software. They can check that the application is legitimate and safe.

Stop, Look, and Think.

Don't be fooled.