• PerOla Hammar

A Simple Guide to Zoombombing Prevention

With the COVID-19 pandemic landing people at home, the popularity of video-conferencing software has sharply increased.

Since Zoom is a highly efficient video-conferencing platform, many companies, organizations, and private users started taking full advantage of it. The rise in popularity led to the rise in fraud. App users faced a phenomenon called Zoombombing.

Let's look a little closer into what Zoombombing is and discuss easy ways to prevent it.

What Is Zoombombing?

Zoombombing involves uninvited people joining a Zoom conference and trying to disrupt it. Attackers share explicit content or hurl profanities thus ruining the conference and disturbing the participants. 

The goal of Zoombombing is usually a few cheap laughs at the legitimate users' expense. However, these attacks have graver potential. Sitting in on an important meeting could give the pranker access to sensitive information.

That's why many companies and organizations decided to stop using Zoom for conferences and meetings. This limited their options substantially since the platform provides a top-notch experience with diverse possibilities.

March 2020 School Attacks

In March, a Massachusetts high school reported a Zoombombing  A teacher was holding an online class using the app when an unknown user joined in and started yelling profanities, thus disrupting the learning process.

A couple of days later, another Massachusetts school reported a similar attack. The unidentified visitor displayed swastika tattoos to the conference participants.

At about the same time, a school in Oslo, Norway decided to stop using Zoom after an attacker joined an online lesson and appeared naked on video in front of 9-year old students.

Other Zoombombing Incidents

School attacks are the most disturbing examples of Zoombombing since they concern children. However, many similar incidents have been happening to adult users as well.

For example, about a month ago, uninvited guests disrupted WFH Happy Hour (a public Zoom call hosted by reporter Casey Newton and investor Hunter Walk) by bombarding the participants with sexual video content.

Unless Zoom users take precautions, attackers can disrupt anything from a private family chat or an Alcoholics Anonymous conference to a high-level government meeting.

Why Does Zoombombing Occur?

Why do hackers, trolls, and prankers have such an easy time accessing Zoom calls? The reason is carelessness. While many companies blame the platform for the problem, it's the users, who make such attacks possible.

People share conference IDs and passwords on social media, granting access to just about anybody. Being careful about making conference information public knowledge and digging a little deeper into the platform's settings can help you avoid an attack.

How Do You Prevent Zoombombing?

To prevent Zoombombing, you need to take good care of the privacy issue and only share a conference ID through secure channels. Here are a few other things each Zoom user should know to prevent unpleasant breaches.

1. Set a Meeting Password

Whether it's a small private chat or a large conference, you need to set a password. Zoom sends the password to all invitees automatically. So if you are worried about an unwanted party getting the password, share it with legitimate users through other channels.

Never share the meeting password on an open account in social media or on forums.

2. Generate a Random Meeting ID

When you create a conference, you can either use your personal meeting ID or generate a random one. If you make this ID public knowledge, you are likely to become a victim of Zoombombing.

3. Approve Your Visitors

Take full advantage of Zoom's "waiting room" feature. Before joining the conference, new visitors would have to wait until you personally approve them. If you don't recognize the visitor, you can deny access.


4. Limit Screen Sharing Options

Default Zoom meeting settings allow all participants to share their screens with others. That makes it easy for Zoombombers to disrupt your conference with explicit content from their screens.

Restrict screen sharing before the meeting starts. Click the arrow next to "Share Screen" and choose "Advanced Sharing Options". Select "Only Host" under "Who Can Share" tab.

In your web settings, you can also restrict screen sharing by default for all your meetings.

5. Update Timely

Zoom developers know about the problem and work hard to prevent it. Since the key to Zoombombing prevention is using correct settings, Zoom is changing default settings. For example, all meetings are now protected by passwords automatically.

On April 19, Zoom introduced a new feature that allows reporting Zoombombers so they can be blacklisted for all users.

Zoom is constantly working on improving security options, making the platform safer and more convenient.


6. Use Video and Audio Muting

When you create a meeting, you can choose whether participants can transmit their video. If such an option isn't necessary for the meeting, turn it off. You can also choose "mute participants on entry" in the Advance Option section.


7. Lock the Conference

When all legitimate participants join a conference, you can lock it so nobody else can enter. To do that, you need to click "Participants" at the bottom of the window. Choose "Lock Meeting". When you select this option, no one else can join the meeting even if they have an ID and a password.


8. Allow Authenticated Users Only

Zoom's highly useful feature that allows people to join conferences without signing in has made the platform vulnerable to Zoombombers. You can stop random visitors from joining by allowing only signed-in users to participate.

While this doesn't eliminate the possibility of an attack, it reduces the chances of it happening.


9. Kick the Attacker Out

If Zoomboming is already in progress, it's much easier to kick the pranker out than restart the conference.  Click "manage participants" at the bottom of the Zoom window, find the attacker, click "more" and choose "remove" from the list.

After you've done that, lock the conference or enable the "waiting room" option.

Conclusion: Prevent Zoombomings and Continue Using Zoom

Zoom is a highly efficient and well-designed video-conferencing tool. Its creators went to great lengths to make it safe and convenient to use.

All you have to do to prevent Zoombombings is to keep your information private and adjust the app's settings.

6 views