ROANOKE, Va. – Social distancing is forcing people to depend on video chatting sites a lot more, but there is a risk of video hijacking and what experts are calling “Zoom-Bombing”.
The Better Business Bureau’s concern is there are many businesses, organizations and schools using video chatting that didn’t before and may not know how to protect themselves.
If you’re not careful, someone can hijack your screen and put anything on the screen. Hijackers can even record your session. It’s happening across the country.
Recently in Massachusetts, there was an incident during a teleconference class on Zoom where a stranger dialed in shouting profanity and the teacher’s home address.
Another incident happened on videos, someone joined the video call and started showing swastika tattoos.
“It’s better we don’t assume it’s all going to work like it should without us taking some steps to set up our profile correctly and use some of those security opportunities that are available,” said Julie Wheeler, President & CEO of BBB Serving Western Virginia.
You also want to look out for fake websites that may look like a legitimate video conferencing site.
Wheeler said, “Be very careful when you receive an invitation to attend a video conference it should be from an organization you’re familiar with or from someone you know before you click on a link.”
Also take a look at the URL to make sure the spelling isn’t off by a couple of letters.
Here is how the BBB says you can prevent video hijacking.
- Use a unique ID for large or public Zoom calls
When you create a Zoom account, the app assigns users a Personal Meeting ID (PMI). When hosting a large Zoom call where members of the public are attending, it’s better to use a one-time code rather than a user’s PMI. If not, hijackers can use the PMI to try and jump in on your Zoom calls at any time.
- Don’t share the unique ID publicly
Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific meeting attendees.
- Require a meeting password
For those private hosting meetings, password protections are on by default. Keep those protections on to prevent uninvited users from joining. It’s only an option when you generate a unique ID, not when you use your PMI.
- Allow only hosts to share their screen
Don’t let anyone hijack the screen during a Zoom call. To prevent it, make sure your settings indicate that the only people allowed to share their screens are hosts. Navigate to Personal > Settings > In Meeting (Basic) and look for Screen sharing. Check the option that only allows the host to share.
- Create a waiting room
When participants log into the call, they see a Waiting Room screen that you can customize. They aren’t let into the call until you, the host, lets them in. Hosts allow people in all at once or one at a time, This lets you screen the attendees and if you see names you don’t recognize in the Waiting Room, you don’t have to let them in at all.
- Create an invite-only meeting
If you have Pro, Business, Education, or Enterprise Zoom accounts, enable “Authentication Profiles” settings, so anyone who tries to join your meeting without proper authorization will see a notification on their screen telling them that the video conference is for authorized attendees only.
- Lock a meeting once it starts
If you start a meeting and all attendees have joined, hosts can lock the meeting from new participants. During the session, navigate to the bottom of the screen and click Manage Participants. The Participants panel will open. At the bottom, choose More > Lock Meeting.
- Remove attendees or put them on hold
Hosts can kick unruly attendees out of a call or put them on hold. To remove an attendee, hover over the name of the person you want to remove on the Participants panel on the right. When options appear, choose Remove. By default, an ousted guest cannot rejoin.
To put the guest on hold: During the call, find the video thumbnail of the person you want to put on hold. Click on their video image and select Start Attendee On Hold. Hosts can reverse this action by clicking Take Off Hold in the Participants panel.
- Disable the participant’s camera
Hosts can turn off any participant’s camera by opening the Participants panel and clicking on the video camera icon next to the person’s name.
- Keep disable file transfer settings active
Keep default settings on to Disable File Transfer to limit participants from sharing files, including images and animated GIFs within the chat. Open Settings in the Zoom web app (it’s not in the desktop app). On the left side, go to Personal > Settings. Then click In Meeting (Basic). Scroll down until you see File Transfer and slide the toggle to disable.