OHIO | BBB warns of “zoom-bombing” as people work and socialize from home 


Since Governor Mike DeWine and Director of Health, Dr. Amy Acton have extended the stay at home order through May 1st, many people are relying on services like Zoom to keep up with their work or social life.

While platforms like Zoom are a convenient way to stay connected, Better Business Bureau of Central Ohio wants to warn users about people who are trying to hack into private sessions. Video hijacking, known as “Zoom-bombing”, happens when someone hosts a call on public channels over the Internet. Hijackers are able to guess the correct URL or meeting ID for a public Zoom session – giving them access to the feed.

BBB offers the following tips to prevent Zoom-bombing from happening to you:

  • Use a Unique ID for Large or Public Zoom Calls: When you create a Zoom account, the app assigns users a Personal Meeting ID (PMI). When hosting a large Zoom call where members of the public are attending, it’s better to use a one-time code rather than a user’s PMI. If not, hijackers can use the PMI to try to jump in on your Zoom calls at any time.
  • Require a Meeting Password: For those hosting private meetings, password protections are on by default. Keep those protections on to prevent uninvited users from joining. It’s only an option when you generate a unique ID, not when you use your PMI.
  • Don’t Share the Unique ID Publicly: Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific meeting attendees.
  • Allow Only Hosts to Share Their Screen: Don’t let anyone hijack the screen during a Zoom call. To prevent it, make sure your settings indicate that the only people allowed to share their screens are hosts. Navigate to Personal > Settings > In Meeting (Basic) and look for Screen sharing. Check the option that only allows the host to share.
  • Create a Waiting Room: When participants log into the call, they see a Waiting Room screen that you can customize. They aren’t let into the call until you, the host, lets them in. Hosts allow people in all at once or one at a time. This lets you screen the attendees and if you see names you don’t recognize in the Waiting Room, you don’t have to let them in at all.
  • Create an Invite-Only Meeting: If you have Pro, Business, Education, or Enterprise Zoom accounts, enable “Authentication Profiles” settings, so anyone who tries to join your meeting without proper authorization will see a notification on their screen telling them that the video conference is for authorized attendees only.
  • Lock a Meeting Once It Starts: If you start a meeting and all attendees have joined, hosts can lock the meeting from new participants. During the session, navigate to the bottom of the screen and click Manage Participants. The Participants panel will open;at the bottom, choose More > Lock Meeting.
  • Remove Attendees or Put Them On Hold: Hosts can kick unruly attendees out of a call or put them on hold. To remove an attendee, hover over the name of the person you want to remove on the Participants panel on the right. When options appear, choose Remove. By default, an ousted guest cannot rejoin. To put the guest on hold, find the video thumbnail of the person you want to put on hold. Click on their video image and select Start Attendee On Hold. Hosts can reverse this action by clicking Take Off Hold in the Participants panel.
  • Disable The Participant’s Camera: Hosts can turn off any participant’s camera by opening the Participants panel and clicking on the video camera icon next to the person’s name.
  • Keep Disable File Transfer Settings Active: Keep default settings on to Disable File Transfer to limit participants from sharing files, including images and animated GIFs within the chat. Open Settings in the Zoom web app (it’s not in the desktop app). On the left side, go to Personal > Settings. Then click In Meeting (Basic). Scroll down until you see File Transfer and slide the toggle to disable.

Check bbb.org for more information on how to avoid scams.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s