How to avoid getting doxxed on Zoom

Zoom Zoom Zoom the meeting room. So Zoom used to be yet another ultra-cool way of having business meetings or chatting with friends online but the pandemic has shifted it to mean something entirely different. Because of Covid-19 and people staying at home instead of going to work or school; Zoom is now arguably the new life-force of today's society in some sense.

Zooms tools allow lectures to annotate and speak to students, businesses can easily create instant meeting rooms and share their screen for streamlined presentations. However, doxxing is a sport here too so beware.

Zoom bombing

A phenomenon known has Zoom bombing or zoom trolling has also become a prevalent trend among young people where they infiltrate conferences and cause havoc for members in meetings. The Doxxers could even disguise themselves as a participant of a class or meeting and use tactics to discover information about the targeted individuals. In late March 2020, the FBI even got involved and issued a warning; the FBI advized certain steps of action for Zoom to take in making their settings more effective in respect to security protocols.

Another serious problem that occurs especially in educational fields and university settings is that doxxers may use Zoom meetings to leak expository content of a victim; on a more dangerous note; sexually explicit content may be leaked regarding a student or another member of the educational community. As you can imagine, the repercussions can be dire. Zoom meetings can be used as a severe form of cyberbullying. These attacks could also even lead to individuals losing their jobs due to the level of expository content.

One of the oldest tricks in the book is the use of malicious links being sent to users via Zoom or via email for the purposes of phishing. These links often lead to some download file coaxing the individual to install software which is often a malware virus in disguise which takes control of the individuals computer and gathers personal and sensitive information; later used by the attacker for the doxxing of all kinds of details about the user.

There are some ways to prevent these doxxing traps;

By early April of 2020, Zoom released Zoom version 5.0, in response to FBI advice. Zoom enacted settings including over 100 new security features.

It now offers encryption features and also a Report, a user function that can be used to report suspicious behaviour or a Zoom troll. This feature enforces default meeting settings. For example, a passcode is now required and also waiting rooms are introduced so that users can be filtered and analysed before they are allowed to enter the Zoom meeting spaces.

Don’t click invite URLS

To make things even more secure on Zoom, you can be more careful about how you and others join the conferences. Zoom meetings are formed by creating a meeting and copying an URL that is generated by Zoom. Participants are then instructed to join the meeting by sending them the URL. We advise you not to click any link you receive through a Zoom invite, since it could be a phishing scheme.

When you start a meeting, you get to send out a link that starts with this: https://zoom.us/ followed by a long string of numbers and letters.

There is a much safer way to invite people which we advise so that you can avoid any shady links.

In the top right corner of the screen where you would usually get the link.Instead jot down the meeting ID, which is located in the middle, and the password, which is at the bottom right hand corner. You could also Include a personal note in the email to make your guests feel more secure. The meeting can be accessed either from https://www.zoom.us or through the Zoom app.

Adjust screen share options

You can also prevent any issues by Immediately adjusting the screen share options

The host of a Zoom meeting can change the settings to prevent uninvited attendees from sharing your screen and disrupting the meeting. You could remember these settings for future reference. On the Zoom app's general settings page, there is a screen sharing option. Go to Advanced settings. Here, you can instruct Zoom only to share the host's screen. This will resolve the security issue and prevent any doxxing attacks.

Let them wait

You can also use the new waiting room feature; if you can find it that is. This one is a little more difficult to spot. So let’s help you find the rabbit-hole. As the host, before you start the Zoom meeting you can go to your master account settings. This feature is located under My account; at the top right hand corner of your Zoom screen. Next you click on settings and then on the meetings tab. Scroll down. The waiting list options are at the very bottom. After you toggle the waiting room options it will be default for all of your future conferences.

Other Host controls

You can also disable the guest screen sharing feature. By doing so, you can prevent potential doxxers from being able to view what is on your desktop. It also won’t stop anybody else from being able to join your meetings. It will however keep hackers or doxxers from taking over the conference entirely or prevent them sharing explicit or inappropriate content or data leaks.

Another great precaution to take is to require that the host be present in the Zoom meetings. Zoom usually provides a feature where a meeting could start by default when one person joins, even if they are not the host. This is convenient if the host is running a few minutes behind but also could pose a problem, as it could leave the gates open for a potential doxxing attack or for the ‘Zoom bombers’ as it’s referred to these days. You can turn this feature off by toggling the joining before host settings and switching it off; it will stay switched-off retrospectively for future meetings.

Keep your meetings ID private

Make sure that you keep your personal meeting ID private.

Try not to share your personal meeting ID (PMI). When you do this, it's fairly easy for anyone to join your meetings.

Each meeting should have its own unique ID. By default, Zoom can assign the meeting its own unique ID.You need to disable "Use Personal Meeting ID when scheduling meetings". Furthermore, this will not only keep bad actors away, but it will also ensure that attendees from your next meeting don't arrive early.

Make sure you use a password

For those who use their PMI, Zoom has a feature that protects meetings with a password, and they can only share it with the people they want in the meeting. If you share it online, then you defeat the whole purpose.

Webinar instead of meetings

For an additional subscription fee of around $20, you can create webinars instead of meetings. The perk of this is that it doesn’t create participation, of course this wouldn't be useful for interactive meetings, but it’s a great way to filter out potential doxxing attacks when presentations are the only aim of the Zoom meeting.

We hope you found this article useful for more articles dedicated to keeping you secure online go to our page pragmatic paranoia; pragmatic paranoia at its best.