How to Prevent Hacks in Microsoft Teams Meetings
Early in the pandemic, when working from home was novel for many and video conferencing calls were new, zoom-bombing started to become a problem for businesses and schools. There was no telling when a prankster may show up, possibly in a state of undress or spewing obscenities, to ruin a call in progress.
These days, zoom-bombers have more nefarious plans. According to email security provider Avanan, hackers are infiltrating Microsoft Teams meetings and dropping links to malware in the chat. The hackers may be getting into the meetings after compromising email accounts belonging to employees. Avanan, owned by security firm Check Point Software, warns(Opens in a new window) hackers could be stealing login credentials for Microsoft 365 through email phishing campaigns.
Once the hacker gets into a meeting, they drop a malicious executable file masquerading as a legitimate program called "User Centric." If anyone downloads and installs the file, the Trojan program drops malicious DLL files, allowing the hacker to hijack the system from afar.
How can you prevent a hack attempt during your Microsoft Teams video calls? The following three tips will help.
1. Get verbal confirmation.
If someone drops a link into the chat, ask about the link's purpose before you click it. Hackers can impersonate your coworkers by stealing their login credentials, so you can never be too careful about what you download.
2. Install antivirus software and keep it running.
Microsoft Teams has built-in antivirus detection(Opens in a new window) with Microsoft 365, but Avanan claims the scanning has been slow to identify real-time attacks.
3. Protect your logins with a password manager.
Stop using the same login credentials all over the web. Use a password manager to create and store unique and strong passwords for work and personal browsing.
Like what you're reading? You'll love it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.
Switching to a New Password Manager
If your password manager doesn’t have all the features you want or need, it’s time to make a switch. Luckily, most password managers offer free trials of their premium tiers, so you can bounce around between services before finding the one that’s right for you.
The best password manager is one that's easy to use, so you don’t go back to storing your credentials on sticky notes, or worse, using the same passwords for every login around the web. Finding your perfect password manager may take some trial and error, but luckily switching is easy.
How to Export and Import Your Current Passwords
If you're ready to switch from one password manager to another, the easiest way is to export your credentials from your current password manager to a file on your computer that you import into your new password manager.
Many services allow you to save the file with the service’s special file name. The service may allow you to export login information such as usernames and passwords via a CSV file, too.
After you’ve saved your old passwords to your computer, install the new password manager. During the setup process, the password manager will ask if you want to import your current password information, which is where your new files come in. Import either the specialized file or the CSV file to the new password manager, and you’re ready to go!
Recommended by Our EditorsHackers Circulate Malware by Breaking Into Microsoft Teams MeetingsZoom to Pay $85M Settlement for Violating User Privacy, Allowing Zoom-BombingThe Best Password Managers for 2022
While exporting and importing is often the simplest method, there are other ways to switch password managers you can try if this one doesn't work for you.
What Else Is Happening in the Security World This Week?
OpenSea Investigates High-Profile NFT Thefts. The company is still trying to determine how the NFTs were stolen.
US Accuses Russia of Launching DDoS Attacks to Destabilize Ukraine. The US says it observed technical evidence linking this week's attacks on Ukrainian banks to a Russian military intelligence service.
Do I Need a VPN at Home? Staying in is the most effective way to protect yourself during the pandemic, and that means a lot more time online at home. A VPN can help secure that critical connection.
US Accuses Russian Hackers of Stealing Sensitive Defense Data From Contractors. US officials say Russian hackers have stolen data pertaining to US weapons and aircraft development, sometimes by targeting corporate users of Microsoft 365.
Trump's Truth Social Can Only Make Mastodon Stronger. The Trump-backed Twitter lookalike just launched earlier this week, and for better or worse, it will draw more attention than ever to the social network.
Like What You're Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!Sign up for other newsletters