Zoom calls used to distribute malware on Windows and Android

Whatever you do, do not answer these incoming video calls.

Security experts have issued a warning to anyone who uses Android or Windows about a rise in fraudulent websites designed to resemble Zoom, Skype, and Google Meet. But rather than connecting you with friends or family… these sites provide a direct line to malware.


This trend has been building since December 2023, researchers say.

At a glance, these websites look almost indistinguishable from the real deal. Scammers have used the same font and graphics found on the official Google Meet and Zoom webpages. The legitimate icons for the Google Play Store also appear on the websites.

Many of the fraudulent websites uncovered by the team at Zscaler were in Russian

ZSCALER PRESS OFFICE

Most of these fraudulent video call portals are in Russian and hosted on URLs that closely resemble the legitimate web address. This could indicate that hackers have laid the trap in the hopes that people will accidentally make a typo and stumble across the fraudulent website.

Once on the fake website, visitors are pushed into downloading malware — mistakenly believing that it’s the official software for video call applications like Skype, Zoom, and Google Meet.

Clicking on the icon to download the Android version of the app will download an APK file laced with malware to your device. Clicking on the button with the Windows icon will kickstart a batch script download. The latter then executes a PowerShell script, which downloads a Remote Access Trojan (RAT).

RATs are a strain of malware that allows an attacker to gain complete administrative privileges and take control of your laptop, desktop, or handset from anywhere in the world. This malicious software needs to be opened to work, so it’s often disguised as a legitimate program to encourage people to double-click and run it.

While some of these websites do have an icon for iOS, security researchers have yet to find an instance of malware for iPhone or iPad being distributed on these websites.

“A threat actor is using these lures to distribute RATs for Android and Windows, which can steal confidential information, log keystrokes, and steal files,” the researchers from Zscaler ThreatLabz said.


Microsoft’s Skype, pictured, has been targeted alongside Google Meet and Zoom


“Our findings highlight the need for robust security measures to protect against advanced and evolving malware threats and the importance of regular updates and security patches.

“As cyber threats continue to evolve and become increasingly complex, it is critical to remain alert and take proactive measures to protect against them.”

If you’re unsure about whether a website is legitimate, there are a few things you can do. First, check for the SSL digital certificate — Secure Sockets Layer — that proves that a website is legitimate. This is found in the web address at the top of your browser and is usually denoted with a padlock icon.


It’s also important to check whether the URL begins with “https://”, with the “s” meaning “secure.”

Still unsure? You can type the web address into a website safety checker tool, like Google’s Safe Browsing site status page, which will let you know whether that domain is unsafe or when a previously trustworthy site has been compromised or now contains unsafe elements.
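The address checks described above can be combined into a short script that tests a download link against the lookalike pattern the researchers describe. This is an added example, not part of the original article or the Zscaler report; the official hostnames, the brand keywords and every sample URL used with it are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: official hostnames for the three services named in the article.
OFFICIAL = ("zoom.us", "skype.com", "meet.google.com")
# Assumption: brand keywords an impersonating hostname is likely to contain.
BRANDS = ("zoom", "skype", "google")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> str:
    """Return 'official', 'not-https', 'lookalike' or 'unknown' for a download URL."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return "unknown"
    # Exact match or a true subdomain of an official hostname.
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return "official" if parts.scheme == "https" else "not-https"
    # Split on dots and hyphens so 'join-skype.example' yields the token 'skype'.
    tokens = [t for label in host.split(".") for t in label.split("-") if t]
    for tok in tokens:
        for brand in BRANDS:
            # A brand name inside the token, or one typo away from it, on a
            # host that is not official is treated as an impersonation attempt.
            if brand in tok or edit_distance(tok, brand) <= 1:
                return "lookalike"
    return "unknown"
```

A lookalike host is flagged even when it is served over https, because the padlock only describes the connection to whatever domain was actually typed. The one-typo match is deliberately broad, so unrelated words that sit one letter away from a brand name will also be flagged.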
