Phishing emails are nothing new, but the global Coronavirus pandemic has given cybercriminals some new ideas to work with.
From those that exploit fears of the virus to those that exploit our new work-from-home lifestyle, Coronavirus-related phishing emails are on the rise.
Phish in a barrel
One particular subset of these recent phishing emails involves fake video call invites. Due to the fact that many employees around the world are now confined to their homes, video conferencing services such as Zoom, Microsoft Teams, and Google Meet have become essential.
But as more and more employees working remotely have been relying on these services to conduct their work and communicate with their colleagues, cybercriminals have not hesitated to take advantage of this, registering hundreds of new domains with names similar to those belonging to the video conferencing services.
For example, a cybercriminal might send an employee an email disguised to look just like an actual Zoom meeting invite, instructing them to follow a link to accept it. That link would then take them to "zoom-video-chat.com", a very convincing-looking Zoom login page, prompting them to sign in to their accounts. However, since this website is not the real thing, the only call they'll be receiving after "signing in" is a cybersecurity wakeup call.
What can you do?
Aside from being vigilant and proceeding with caution whenever receiving a suspicious-looking email, the best way to combat these phishing scams would be to start using MYKI.
When you save all your passwords to MYKI, it will offer to autofill those passwords for you whenever it detects that you are on the account’s website.
For example, if you save your Zoom account details to MYKI and go to "zoom.us" to log into your account, a MYKI dropdown will appear suggesting your stored Zoom account. Upon clicking that dropdown, MYKI will proceed to autofill your credentials and log you in instantly.
If you're on "zoom-video-chat.com" on the other hand, that dropdown would not appear, verifying that the site you're currently on is not the actual Zoom website, and helping you avoid this sneaky scam.