Harassment on Zoom by Zoombombing
As the use of Zoom as a method for mass communication grows, harassers and other online trolls find new ways to cause harassment and distress to unsuspecting private and business users. It is therefore important for Zoom users to familiarise themselves with the potential likely threats and dangers associated with the new phenomenon, Zoombombing.
Zoombombing attacks happen when an uninvited guest appears on the zoom call in an attempt to hijack it, either through the use of hate speech, sharing pornographic content on the screen or shouting racial abuse to name but a few. Zoombombing is a new form of cyberbullying which has become very popular as a result of the global pandemic, where people have been forced to stay inside, only being able to communicate with the world through a screen via the internet.
It is therefore upsetting to think that the one way that we are able to initiate safe contact with others, is being compromised by ruthless online harassers who choose to use the good of zoom (as well as many other video operating platforms) as a weapon. To put into context the amount of people who could be victims of Zoombombing can be shown when we look at the statistics of zoom users. For example, according to a report from data collated by SensorTower, the installation of zoom for the first time by users has grown by over 1,126 percent to over 76 million users compared to the 6.2 million downloads from February prior to the pandemic breakout.
The reality is, Zoombombing can happen at any time. Whether it is during an online lecture, an important online conference meeting, or perhaps a child’s zoom birthday party - these online harassers are out there, and they are out to get you. Understanding why these people want to cause disruption in this way, as if the world was not in enough chaos and crisis already, is a question that can be relayed to all those who are responsible for online harassment campaigns.
Whether it is jealousy, a method of disrupting a political debate, or to promote one’s religious beliefs, or just to cause trouble, the reasons people may decide to orchestrate Zoombombing are endless. Perhaps these are individuals who feel lonely and isolated, victims themselves, and the only way they are able to feel in control and powerful is by gaining attention by others during video calls where they become the centre of attention - or maybe they just want to cause mischief as a prank.
Usually there are plots over social media and threads such as reddit, to share secret meeting passwords and ID codes in order to get into calls. If the host of the zoom call has not put the appropriate measures in place to eliminate the risk of a potential zoom-bomb attack, this will mean the Zoombomber will have no difficulty breaking into the meeting. Some may ask how social media platforms allow messages such as these to transpire between individuals when it is clear that they are plotting evil harms to innocent individuals, yet nothing is done to stop it until a report is made, how is this fair? This leads to another argument where social media moderation is concerned.
An example of a zoom bombing attack was on March 29th, Zahed Amanullah had organised a zoom call with other global Muslim leaders to discuss continuing to promote practises of spirituality and wellness during the pandemic. However during this call a mysterious cursor appeared on one of the screens and started to draw racial phrases on the screen. Mr Amanullah reported after the zoom bomb that, “We were all caught off guard” and “We had no clue where it was coming from”. Indeed, it is scary to think that where an app such as zoom is so easy to use and accessible to all, you could be putting yourself and your loved ones at a high risk of seeing or hearing something they may never be able to recover from.
One of the biggest risks of Zoombombing is the potential for private information shared on the meeting, will come to the knowledge of the wrong people and may also be disseminated on social media. The information shared could then be used to try to embarrass and harass participants in the meeting. In relation to the unlawful recording of Zoom meetings, there are typically two main areas of significant risk. The first, is the sharing of screens and private information between the organisers and the participants and the second is the unauthorised recoding of the Zoom meeting.
An unauthorised recoding of a Zoom meeting, in a manner which does not alert the organises, can be easily done by using various screen recording software. Private information about attendees of the meeting could be used to dox them later or to damage the commercial reputation of the company. A zoom spokesman has said in response to the new form of online harassment that “Zoom strongly condemns harassment of this kind and we have been reporting instances of this to various social platforms in order for them to take appropriate action” when referring to the initial ploys of plotting the zoom attacks.
There is only so much a person can do to stop Zoombombing from happening. After all, even if you have willingly invited someone to your call, there is nothing to stop them from causing mayhem and distress during the call. Your aim is to take appropriate steps to prevent unauthorised attendees from harassing lawful participants in the Zoom meeting because this what people you invite to the meeting are expecting of you. Here is a preliminary guideline on how to keep yourself and your organisation safe on Zoom.
The use of unique password
Always, when arranging Zoom meetings, use a unique password. Avoid reusing the same password for different meetings. Same rule applies to the use of a personal meeting ID. The danger that you wish to avoid is that an attacker would replicated the user ID and intrude into future calls.
Create a secure password
Decide on a unique password, perhaps a combination of letters and numbers which are not associated with the topic of your zoom call. You may allow Zoon to generate an automatic password for all those attending the meeting.
Share details of the Zoom meeting with care
It is important to share details of the Zoom meeting in a manner which would resuce the likelihood of interception. Unless you share the Zoom meeting credentials in through a private, encrypted message, avoid posting the details to the Zoom meeting on social media. The danger that you wish to avoid is to reduce public notice of the Zoom meeting that you are about to host and by doing this avoid affording potential harassers the time it might take to track the Zoom meeting credentials through unsavoury means, such as hacking.
Use the wating room feature on Zoom
Zoom offers a waiting room feature which allow you vet those coming to the meeting. Whenever possible, require Zoom users to have their video camera switched on so that you can positively identify them before allowing them to enter the meeting. It is important to give yourself and other attendees of the Zoom meeting control and reassurance that you are taking this safety precaution. Preferably, require participants in the meeting to have their names clearly displayed whilst in the waiting room.
Apply controlled entrance to the Zoom meeting
Limit access of participants to the meeting to one at the time to ensure that you, as the host, maintain the ultimate control over who is coming in. Each participant must go through all the security checks that we have mentioned above before they are allowed into the meeting.
Lock the meeting
Once the meeting has started, lock the meeting so that you are not tempted to allow any other users into the call who are not expected. Keep count of the number of invitations and participants in the meeting. Any later comers must go through the same rigour identify checks as everyone else. It could be tempting to let a latecomer fast entrance to the meeting without all the appropriate checks. This is particularly true if the latecomer is someone important. Latecomers are the Achilles Heel of your Zoom meeting so be super vigilant and keep the entrance procedure at least as tight as was for those attending on time, regardless of who the persona is.
Despite taking precautions and being careful, Zoombombing may only be the start of an online campaign of harassment. If someone has been able to access you or find out your identity from a zoom call this may lead to an escalation in behaviour such as online stalking and further harassment which could compromise your safety and wellbeing.
Furthermore, a potential zoom attack could result in private messages being sent to you which are inappropriate or threatening in nature, and you may not know where to go or what to do. Someone may decide to shout hate about you during a zoom call and plot to ruin your reputation through slander and sharing your private images and videos on a screen. Even when people put reasonable precautions in place, there is still a risk of a potential hack occurring.
For example, in Pennsylvania, the small borough of Camp Hill had become a target for Zoombombing last year in April. The president of the local borough council held an online town meeting via zoom, promoting encouraging messages to the community to stay safe and to share phone numbers of community groups who would be offering aid during the pandemic.
Suddenly, "I looked up at my screen from the report I was reading and there was porn on the screen," one of the participants said after the zoom bomb attack happened. The person who was in charge of the zoom call, found it difficult to sift through the legitimate users who were invited to the call, against the harassers who joined the calls under false names pretending to be residents of the borough. If you are a victim of online harassment or Zoombombing, where your integrity and personal information are being compromised, reach out to one of our friendly team and we will point you in the right direction of how we can help you.