From Zoombombing to Phishing: Keep Your Data Safe While Working From Home
We’re working from home. Talking from home. Reporting, and meeting, and Zooming from home. And the internet trolls know it. During the COVID-19 crisis, malicious intruders are seeping into our personal and work lives in ways that disrupt, embarrass, and, in more severe situations, put privileged personal and company information at risk.
The new zoombombing phenomena happens when uninvited participants hack their way into a Zoom or other video conference in progress and post graphic images, make racial slurs, or create other interruptions. Stories abound of meetings being “bombed” and hastily ended to stop the intrusion.
Companies also report increased incidents of phishing, the practice of sending malevolent emails that get readers to give away personal information, credit card numbers, etc.
The spike in internet bad behavior reflects the growing popularity of video meetings resulting from shelter-in-place orders. According to Zoom, the company had a record 10 million daily meeting participants in December 2019. In March the number skyrocketed to 200 million daily meeting participants. And Zoom wasn’t prepared.
According to the New York Times, Zoom has “a default setting that allows any meeting participant to share their screen without permission from an event’s host. Anyone who has a link to a public meeting can join. Links to public Zooms are traded in Facebook Groups and Discord chats, and are easily discoverable on Twitter and public event pages.”
Which means the default settings make it easy for hackers to find you, join your meeting, and create problems.
What You Can Do
To keep you meeting private, you must take a few steps to protect yourself, including setting up waiting rooms, using a meeting lock, and limiting the number of people who can screen share.
A CNBC article explains: “A waiting room is a virtual place where people gather before a Zoom meeting, allowing the host to vet each one of them before allowing them into the live meeting. Hosts can set up a waiting room by default for every meeting you with a control in Zoom’s web settings.
A meeting lock stops newcomers from joining once everyone you were expecting has arrived. To turn on that feature, click the “manage participants” button at the bottom of the Zoom application window, hit “more” in the participants pane near the bottom right corner of the window, and select “lock meeting.”
A meeting host can stop anyone else from taking control of what everyone sees and sharing a stream of what’s on their computer screen. You can enable that restriction from the Zoom web settings.
Also, you can better manage disruptions if you do not make the meeting public and don’t share meeting links on your social media accounts.
On its website, Zoom offers a full selection of support, from live demos, DIY tutorials, and reading materials.
Additionally, the company encourages users to make Waiting Rooms the default setting, as follows
- Sign into your account in the Zoom Web Portal and access the Settings tab.
- Click on the In Meeting (Advanced) option.
- Search or scroll to find the Waiting Room option.
- Toggle the button next to the Waiting Room to enable this feature.
- After enabling the Waiting Room feature, you can choose to send all participants to the Waiting Room when they join or to send only guest participants (external accounts) to the Waiting Room. You can also allow other internal participants to admit guests from the Waiting Room if the host is not yet in the meeting.
Be on the Lookout for Phishing
As our country works from home is, phishing incidents are increasing as well. The Federal Trade Commission provides these four steps to help keep you safe:
- Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
- Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
- Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
- Something you have — like a passcode you get via text message or an authentication app.
- Something you are — like a scan of your fingerprint, your retina, or your face.
- Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.
- Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.
With a little attention to details, you can make your meetings safer and your work-from-home experience more secure.
At Nelson, we’re here to help with your staffing or job search needs. Contact us today.