More on COVID-19 scams: Beware of Zoom and video conference hijacking, SMS cons. Also, a Win10 update for VPN users
Welcome to Cyber Security Today. It’s Wednesday April 1st. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
To hear the podcast, click on the arrow below:
Video conferencing is the big thing with families as well as companies during the pandemic crisis. But don’t be fooled into clicking on a phony link to a meeting. Security company Check Point Software has discovered suspicious web sites for every leading communications application including Zoom and Google Classroom. Victims may get an email saying your company is having a Zoom meeting with a link to download what appears to be a file with the word Zoom in it. Be careful with email inviting you to video meetings and chats. Make sure you know who sent the invitation. Look for spelling errors in names and web sites.
People who host Zoom meetings should note invitations will include a public link allowing anyone to join. To stop this you have to go into the settings and turn screen sharing to “Host Only.”
Here’s another warning: Be wary about text alerts with links related to COVID-19 supposedly from the government and sent via the standard messaging app on smartphones. An article on Forbes.com notes it’s easy to fake text messages because there isn’t a standard way for senders to be verified by Internet providers. Specialized apps like WhatsApp can verify the sender’s identification.
Forgive the repetition but please be very suspicious of any email or text you get that has an attachment relating to COVID-19. Doesn’t matter if it comes from someone you know. Doesn’t matter if the attachment is supposed to about a stay at home cheque from a government or information from a health organization. These days attachments or links to coronavirus material are risky. If you get a message with a link, go to the organization’s web site and look for the article rather than click on the link. Teach your children not to click on link.
If you want to send family or friends information you are certain is legitimate, type out the details from the article yourself. Don’t send an attachment. If you see an article you think is informative, email friends and family the name of the web site and let them go to the site themselves. Just make sure it’s a known government hospital, university or news service.
Finally, people who are new to working from home may by themselves or on the instructions of their employers have installed a virtual private network, or a VPN, to securely connect to the office. However, some Windows 10 users have reported connectivity problems using Microsoft Teams, Microsoft Office, Office 365, and Outlook. Microsoft has now released a fix you can get through Windows Update. But only install it if you’re using these apps and have a connection problem.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon