What is Zoombombing?
Zoom is a fantastic tool for facilitating online meetings and web-conferences. However, due to the open nature of the platform, it is possible for people with malicious intent to guess or obtain Zoom meeting links and crash your meetings. Luckily, there are some easy steps that all Zoom meeting hosts can take to prevent this from happening.
- Don’t use your personal Zoom ID to create meetings. This ID assigned to you by Zoom doesn’t change, so if it gets into the hands of the wrong person they can interlope on all your meetings that use this ID from then on. Instead have Zoom generate a random meeting ID for each meeting you create. Click here for an overview on how to set up Zoom meetings.
- Don’t share your Zoom meeting link on a public platform like social media. If you must share on a public platform, require authentication for your guests. There are a number of ways you can authenticate guests including using a custom meeting password, the guest’s own email, or even two-factor authentication. Click here for information on how to authenticate your guests.
- Allow only signed-in users to join the meeting. Zoom has the ability to allow only participants who are signed into Zoom with the email address used for their meeting invite. Click here for information on how to allow only signed-in users to join a Zoom meeting.
- Make sure that only the host of the meeting can share their screen. This can prevent a troll from hijacking the video stream to show things that you and your guests don’t want to see. Click here for information on how to control screen sharing.
- Turn off in-meeting file sharing. This will prevent an interloper from potentially sharing malicious files with your meeting participants. Click here for information about how to manage in-meeting file transfers.
- Disable in-meeting chat. This will prevent a malicious attendee from harrassing other participants via Zoom’s built-in chat client during a meeting. Click here for information on how to turn off in-meeting chat.
- Use Zoom’s virtual waiting room feature. This allows the host to vet a guest before they are permitted to enter the actual meeting. Click here for more information about the Zoom waiting room.
- Lock the meeting. Once the meeting has started and you don’t think anyone else is going to join, you can lock the meeting so that no one else can enter. Click here for more information on how to lock down a Zoom meeting.
There are instances where a “sophisticated” Zoombomber has intruded on a meeting and then re-joined it multiple times after being kicked out. This is done by utilizing multiple Zoom user accounts. There is also the potential for multiple Zoombombers inflitrating a meeting simultaneously if the meeting ID is shared publicly and there are no safeguards to prevent access. If either of these things are happening, it may be best to just end the meeting and create a new meeting with a different Zoom ID. When you invite your participants to the new Zoom meeting, utilize authentication and the other methods listed above to ensure that your bomber(s) can’t strike again.