The global pandemic has had devastating effects on many companies this year. But for one, video-messaging service Zoom, it's been nothing short of a springboard to worldwide recognition.
Of course, when you're at the top, you also become a target for scammers, and Zoom is no different. Reports have surfaced of scam victims being blackmailed under the pretence of having their Zoom account hacked during some…rather personal moments.
It's a new spin on an already established “sextortion” scam email, but nonetheless, it could be alarming to be on the receiving end of such an email. We explain how the scam works, and what to watch out for.
Zoom's Sextortion Scam
The scam begins with the victim receiving an email, which states that the scammer has footage of them using Zoom in a compromising sexual position. The actual details of the act are always kept deliberately vague, and there's a reason for that – the scammer doesn't actually have any genuine dirt at all.
These emails aren't targeted, they're sent out in bulk. It's a question of scale – the more emails sent, the better chance that someone will respond.
The email demands a blackmail fee to keep the users supposed indiscretions from going public. In this case, the asking fee is $2,000 in BitCoin. In a zeitgeisty relevant flourish, the scammer indicates that is this isn't paid, the victim could be the “next Jeffrey Toobin” – the reporter who was recently fired by The New Yorker for unwittingly exposing himself while on a Zoom call.
As reported by Bitdefender, the latest Zoom scam isn't actually anything particularly revolutionary. In fact, sextortion scams have been around almost as long as people have been using webcams. The surge in Zoom usage makes this scam attempt potentially effective for the perpetrators, but services like Skype and even WhatsApp have been name-checked in such scam emails in the past.
Don't let scammers put you off using Zoom – see our guide to Zoom Plans and Pricing to get started
Example of the scam email, courtesy of Bitdefender
Is Zoom Safe?
Zoom has been thrust into the limelight this year, and has come under some criticism for its security measures, especially early on. We've all seen the stories of strangers crashing Zoom calls (quite often with rather negative and disturbing results), so it stands to reason that victims could believe they are being watched over an unsecured connection.
However, Zoom has stepped up its security game in recent months, and with a few precautions, Zoom users can protect themselves when chatting to friends and colleagues.
Firstly, Zoom calls are encrypted, meaning it's very hard to ‘hack' into Zoom calls in a traditional sense. It's important to ensure that when on a Zoom call, users make use of the security features provided. This includes ensuring that sessions are password protected (with a strong password), and that the call owner has the say over who is and isn't allowed to enter the call.
Should you receive one of the Zoom blackmail emails, simply ignore it. Don't engage – there is no danger of ‘secret recordings' of you being leaked to anyone.
Staying Safe Online
As well as treating the world to coronavirus, 2020 has been something of a vintage year for scams and malware. With many of us working from home, we've become more vulnerable to hacks, as scammers realize that millions of us working outside the traditional security of the office IT infrastructure poses a potential in. Ransomware attacks alone have reportedly increased seven-fold.
Luckily, there are plenty of ways we can stay safe online, from password managers to VPNs, and antivirus software.
In the case of scam emails such as this, and its close cousin, ransomware, it's antivirus software that proves the most effective deterrent, with the software identifying, and isolating such emails, and providing the user with a warning. It can also automatically remove any nefarious attachments.