How to Survive a Zoombombing Attack and other Digital Dangers

Protect your privacy on Zoom and stay safe working remotely online

These days, virtual reality is our true reality. Millions of Americans use Zoom or other videoconferencing tools to connect with co-workers, teachers, healthcare providers, friends, and family. In fact, Zoom reported more than 200 million daily users in March—up from an earlier maximum of 10 million users at the end of December last year.

But hackers, always eager to exploit a crisis like the COVID-19 pandemic, also use Zoom to invade our privacy, steal our security, and expose us—and our children—to malicious content.

The term Zoombombing refers to hackers joining Zoom events uninvited and using hateful or inappropriate language and images to disrupt the meeting. According to NPR, Zoombombers have intruded on an Alcoholics Anonymous meeting in New Yor

k, Sunday school in Texas, online classes at the University of Southern California, and a city meeting in Kalamazoo, Mich. Teachers transitioning to teaching students online have been particularly affected by this trend.

What’s worse, researchers found a Zoom bug that can be abused to steal Windows passwords and two new bugs that can be used to take over a Zoom user’s Mac, including tapping into the webcam and microphone.

Tips to Protect Your Privacy While Using Zoom

In a recent radio interview, IDX CEO and president Tom Kelly discussed Zoombombing and shared security hygiene tips for staying safe online. Some Zoom-specific strategies for protecting your privacy include:

• Make sure meetings are password protected.
• Don’t announce meetings on social media or other public outlets.
• Inspect meeting participants and kick out unauthorized users.
• Carefully control screen sharing.
• Use the Waiting Room option to admit participants manually.
• Keep any installed version of the Zoom mobile or desktop app up to date.
• Try not to use the personal meeting ID–instead, allow Zoom to generate a random ID for each meeting.
• Be careful when clicking on any meeting invite links. If suspicious, just copy the ID from the link provided and enter it in the official application to join.
• Be careful about what you say—or what participants can see—in a Zoom meeting.

How to Keep Safe Online While Working Remotely

Zoom is not the only threat to remote workers. In another radio interview, Kelly talked about coronavirus-related digital dangers like phishing attacks from supposed health officials and malware embedded in COVID-19 tracking apps. These and other teleworking threats arise from email and text-based phishing attacks, unpatched routers, modems wireless access points, and public WiFi networks that are susceptible to hackers.

To guard against these vulnerabilities, consider these tips:

• Be cautious of dialing into government networks using personal devices that haven’t been vetted and may not be patched against the latest bugs.
• Update the firmware on your router, firewall, modem, and wireless access points in your home.
• Use a virtual private network (VPN) to secure your connection. It gives an added layer of protection between your devices and the Internet, hides your IP address and your location, and encrypts your data after it leaves your device and travels to whatever website you’re visiting.
• Use a password manager to keep track of your passwords rather than writing them down.
• Avoid public WiFi networks that aren’t secure against hackers.
• Subscribe to a privacy-based identity protection service that helps detect early signs of identity fraud for consumers.

When the crisis passes, we’ll enjoy—and more highly value—our in-person interactions with co-workers, friends, and family. Even when that happy day comes, we must remember and apply the security lessons we learned—because a hacker’s work is never done.