Prevent Yourself From Being Zoom-bombed When Using the Zoom App

Hello 1Hackers!

Recently, due to the COVID-19 pandemic, more people are using online services to connect with others. One of them is the Zoom app, used by governments, educational institutions, etc. for online video meetings, conferencing and so on. Zoom usage went from 10 million in December to 200 million in March and it remains the No. 1 most downloaded app in the Apple and Google app stores, according to Apptopia. The huge surge in popularity has brought with it a new level of scrutiny, alongside the massive strain on its servers brought about by new users. Zoom hacking issues (Zoom bombing) are happening all over the world, from over-the-Internet Alcoholics Anonymous meetings to sensitive, high-level government gatherings.

What is Zoom bombing?

Many Zoom bombing incidents have amounted to a form of trolling. Hackers gain access to a Zoom meeting and attempt to disrupt the video chat and upset participants by shouting profanity or racial slurs, or putting disturbing or offensive images in their video feed.

The vulnerability also has people wondering if Zoom is safe to use. Particularly in a large meeting, an unwelcome participant might go unnoticed, enabling that person to record the meeting or otherwise gather information. In particularly sensitive cases, this could become a method of corporate espionage or blackmail.

Given the wave of Zoom bombings, you might suspect there’s a problem with the Zoom software. But Zoom is generally doing a good job on security, and the bulk of Zoom bombings are most likely due to user practices rather than bugs.

Prevent ‘Zoom bombing’ by following these tips:

1. Be wary of links:

Zoom meetings start by creating a meeting and copying a URL that is generated by Zoom. You are then instructed to send it out to participants. “I would not click through any link I got from a Zoom invite as that could be a potential phishing scheme,” says Mark Ostrowski, a security analyst for Check Point Software. One of the oldest tricks in the book from scammers is sending out a malicious link in an e-mail that usually leads to malware that can take control of your computer.

So when you start a meeting, you get to invite people and send out a link that looks like this: (https://zoom.us/) followed by a long string of numbers and letters, both capitalized and lower-case. Most importantly, Zoom users should not share meeting links publicly. This is perhaps the single most obvious precaution you can take. Rather than posting a meeting link to a Facebook group or in a promotional tweet, distribute information via a more private method, such as email.

2. Adjust the screen share options immediately:

Instead of letting anyone share your screen and engage in “zoombombing” – that’s when uninvited attendees break into and disrupt your meeting – the host has the option of adjusting the settings and thus restricting the video-sharing. They’re hidden, so take note. On the general Zoom settings app window, there is an option for screen sharing. Click it and select Advanced settings. There you instruct Zoom to only let the Host share the screen. If the meeting host is the only person who needs to share video, such as in a seminar or presentation, the host should change Zoom’s screen-sharing setting to “Host only.” And now your major privacy issue has been solved.

3. Use Waiting Rooms:

This is the most hidden, secret security feature in Zoom.
It places every guest in a virtual waiting room before the meeting starts. When you’re ready, you’ll then have to manually admit your guests. This gives you control over who can attend and makes it easier to keep unwanted guests out. What it does is let the host prescreen the guests before the meeting starts for an extra layer of security.

To get there, go to your master account settings, (under “My Account” at the top right of the main screen), click Settings, go to the Meetings tab and scroll all the way to the bottom, where you will find the Waiting Room options. Once clicked, this will be the default on all your meetings.

The downside is that if you’re meeting with a large number of participants, it can be cumbersome to have to manually admit everyone. In addition, if someone joins the meeting late, you’ll need to be paying attention and let them in. Still, if it’s important to you that only your invited guests attend your meeting or webinar, this is probably the most reliable way to control who gets in.

4. Create a webinar instead of a meeting:

This is a presentation to a group that doesn’t bring in participation, and is thus less likely to be hacked. It’s only available to paying customers. Zoom is free to anyone for meetings under 40 minutes.

5. Set your Meetings to “PRIVATE”:

Zoom now sets all new meetings to “private” by default, requiring attendees to provide a password for access. Zoom can automatically generate a password for each scheduled meeting and share that password as part of the invitation.
But users often opt to make meetings public for the sake of convenience. Given the wave of Zoom bombings, the inconvenience of requiring a password is probably worthwhile in keeping your meeting safe.

6. Don’t use/share your personal meeting ID online:

Instead, use a unique meeting ID for each separate meeting.
Every registered Zoom user has a personal meeting ID, linked to what is essentially a permanent virtual meeting room. Because that ID doesn’t change, sharing it publicly increases the chance that future meetings using your personal ID might be Zoom bombed.

To avoid the risk of Zoom bombing, share your personal meeting ID only with your most trusted contacts. Generally, while Zoom will prompt you to use your personal ID for “instant” meetings, scheduled meetings will use a one-time meeting ID, reducing risk. If you’re concerned that you may have already shared your personal meeting ID in an insecure way, contact Zoom directly to have it changed.

7. Require the Host to Be Present:

Zoom does provide the option for your meeting to start when the first person joins, even if it’s not the host. This can be convenient if you’re hosting a meeting but running a few minutes behind. Everyone else can get started in the meantime.

If you want to protect your meetings, however, it’s best to turn this off. That way, you’ll know that no one can start your meetings without you–including a hacker or “Zoombomber” (yes, that’s apparently a real term). To do this, make sure the “Join before host” setting is off (it’s off by default).

8. Allow only signed-in users to join / Kick unwanted people out:

This step will definitely help to keep the trolls out and stop Zoom-Bomb attempts. Only people who are invited to the meeting and logged in to Zoom can join.

To remove unwanted guests, go to the Participants menu and run your mouse over the participant’s name; several options will appear, one being Remove. Click it. Once kicked out of a meeting, the participant can’t rejoin. (You can adjust your settings to allow removed participants in case you said goodbye to the wrong person).
For further detail read this: Keep uninvited guests out by following these instructions (from Zoom Blog)

9. Patch early, patch often:

Zoom’s own CEO just wrote a blog post announcing a “feature freeze” in the product so that the company can focus on security issues instead. It’s much easier to do that if you aren’t adding new code at the same time. Why not get into the habit of checking you’re up-to-date every day, before your first meeting? Even if Zoom itself told you about an update the very last time you used it, get in the habit of checking by hand anyway, just to be sure.

10. Make some rules of etiquette and stick to them.

If you’re expected or you need to use video, pay attention to your appearance and the lighting.
Remember to use the mute button when you can.
And most importantly – especially if there are company outsiders in the meeting – be very clear up front if you will be recording the meeting, even if you are in a jurisdiction that does not require you to declare it. And make it clear if there are any restrictions, albeit informal ones, about what the participants are allowed to do with the information they learn in the meeting.

5 Likes
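An added example, not part of the original post: a small Python audit that checks a meeting's settings against tips 3, 5, 6, 7 and 8 above. The field names are assumed to follow Zoom's REST API meeting object (check them against the API version you use), and both sample meetings are constructed.

```python
# Added example: audit meeting settings against the tips in the post.
# Field names are assumed to match Zoom's REST API meeting object.
# WEAK and HARDENED are constructed sample data, not real meetings.

def audit_meeting(meeting: dict) -> list:
    """Return a list of findings; an empty list means every check passed."""
    s = meeting.get("settings", {})
    findings = []
    # Tip 5: a meeting without a password is open to anyone with the ID.
    if not meeting.get("password"):
        findings.append("no password set (tip 5)")
    # Tip 3: a missing waiting-room key is treated as "off" (fail closed).
    if not s.get("waiting_room", False):
        findings.append("waiting room is off (tip 3)")
    # Tip 7: the meeting should not be able to start without the host.
    if s.get("join_before_host", False):
        findings.append("join before host is on (tip 7)")
    # Tip 8: only signed-in users should be able to join.
    if not s.get("meeting_authentication", False):
        findings.append("sign-in is not required (tip 8)")
    # Tip 6: the personal meeting ID never changes, so avoid reusing it.
    if s.get("use_pmi", False):
        findings.append("uses the personal meeting ID (tip 6)")
    return findings

WEAK = {
    "topic": "All-hands (constructed)",
    "password": "",
    "settings": {"waiting_room": False, "join_before_host": True,
                 "meeting_authentication": False, "use_pmi": True},
}

HARDENED = {
    "topic": "All-hands (constructed)",
    "password": "example-only-passcode",
    "settings": {"waiting_room": True, "join_before_host": False,
                 "meeting_authentication": True, "use_pmi": False},
}

if __name__ == "__main__":
    for name, meeting in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        findings = audit_meeting(meeting)
        print(name, "->", "OK" if not findings else "; ".join(findings))
```
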

Hello 1hackers, do you know where the credentials were leaked, or can we access those credentials? :innocent:
If you aren’t allowed to reply here, please PM me.

@_Zenith
The credentials were leaked in a Dark Web Forum!
For further reference, check this:

https://forum.telugudjmusic.com/t/thousands-of-hacked-usernames-and-passwords-of-zoom-accounts-are-listed-on-dark-web-forum/79664