Video conferencing apps like Zoom became extremely popular during the pandemic. Even though many companies are back to working in the office, tons of people still rely on these programs to communicate daily. Tap or click here for Zoom tricks you’ll use all the time.
Since Zoom is such a popular tool, it’s become a massive target for cybercriminals. Now an imposter app is designed to spread malware. The newest iteration of IcedID malware could already be on your computer.
Keep reading for details on the tricky way malware is spreading, along with ways to protect your devices.
Here’s the backstory
In 2017, the malware variant IcedID was created to steal banking information from unsuspecting users. It’s a banking Trojan that criminals use to steal credentials to your online bank accounts.
Once your device is infected with IcedID, it can steal any information or credentials in your browser it can find. Thieves can then log into your bank accounts and authorize transactions.
This malware has been around for years, so what’s changed, and why is it making headlines now?
Security researchers recently caught modified Zoom apps distributing the malware and installing it on consumer and commercial devices. Small business owners are at particular risk because their records contain plenty of customer information to farm.
Previously, IcedID was known to get around via spam emails containing modified Office file attachments. The story has taken a dark turn, as an entire phony Zoom site has now been established to trick people into downloading a fraudulent app installer.
Here’s how thieves are hoping to trick you. You’ll get an email or text message that includes a Zoom invite. The link takes you to a site that looks legit with a link to download Zoom. If you click the download button, a legitimate copy of Zoom will be downloaded. But that’s just to throw you off.
On top of the legit Zoom program, IcedID malware will also be installed on your device. The spoofed portal is more realistic than you might think. Your best bet is to stick with downloading Zoom from official app stores or visiting the official Zoom site at zoom.us.
How to avoid phishing scams
Beyond downloading programs from official app stores, here are more ways to protect from malware.
- Safeguard your information — Never give out personal data if you don’t know the sender of a text or email or can’t verify their identity. Criminals only need your name, email address and telephone number to rip you off.
- Always use 2FA — Use two-factor authentication (2FA) for better security whenever available. Tap or click here for details on 2FA.
- Avoid links and attachments — Don’t click on links or attachments you receive in unsolicited emails. They could be malicious, infect your device with malware and/or steal sensitive information.
- Use strong, unique passwords — Tap or click here for an easy way to follow this step with password managers.
- Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!