Caitlin O’Malley, DES, an education associate at PCMA, was monitoring the chat on the April 16 PCMA webinar, “Get Empowered: Your Professional LinkedIn Makeover,” when she noticed one person asking the same question a few different times in Zoom’s chat function. “I have a question,” Joe typed in, and a second later, “Can everyone see this message?” O’Malley, thinking he was new to Zoom and needed some help, responded that he had changed his setting so that everyone, indeed, could see his messages.
Other helpful participants chimed in and some provided similar instruction: “Joe, questions should be submitted in the Q&A tab.” Still he persisted, asking, “Does that mean more people than you can see it?”
Again, O’Malley assured him that with his current setting, everyone could see what he was typing. If he changed it back to panelists only, just the speaker, event tech expert Dahlia El Gazzar, DES, and O’Malley and her education associate colleague, Judith De La Vega, would see his comments. De La Vega stepped in, again thinking Joe was having trouble finding his way around Zoom. “Hi Joe,” she wrote in the chat, “please select ‘All Panelists’ from the To: section in the chat, or enter your question in the Q&A box.”
Seconds later, Joe unleashed the same profane racial slur over and over again in the chat. O’Malley said it seemed like it took “forever” to kick him out of the Zoom, but when she looked back at the chat record later, she felt better realizing that it had taken her only seven seconds to eject PCMA’s first webinar Zoombomber.
Not wanting to further distract participants from the presentation, De La Vega waited until the end to apologize to participants in the chat for the troll. O’Malley said that everyone was completely understanding.
That’s likely because in this coronavirus-related remote working and online learning world, the incidence of Zoombombing — when uninvited attendees break into and disrupt your meeting — is surging.
According to a c/net article , “No More Zoombombing: 4 Steps to a More Secure Video Chat,” it’s easy to Zoombomb a meeting — in many cases, all it takes is a simple Google search for URLs that include “Zoom.us.” That can bring up the unprotected links of multiple meetings that anyone can get into. Similarly, links to meetings can be found on organizational pages on social media, the article points out, which is a practice that PCMA — which often livestreams webinars on its Facebook page with a Zoom link — will now be changed, O’Malley said.
Last week, Zoom CEO Eric Yuan responded to users’ privacy and security concerns, saying the company is freezing feature updates to address them in the next 90 days.
In the meantime, while c/net said there are “no guarantees against determined trolls,” there are some things you can do to improve your overall privacy levels on Zoom. Here are some recommendations:
Change Your Settings
- Don’t use your Personal Meeting ID for the meeting — use a per-meeting ID, exclusive to a single meeting.
- Enable the “Waiting Room” feature so that you can see who is trying to join the meeting before letting them in.
- Disable other options, including the ability for others to Join Before Host. Then disable screen-sharing for nonhosts, and also the remote control function. Finally, disable all file-transferring, annotations, and the autosave feature for chats. (C/net provides step-by-step instructions.)
- Once the meeting starts and everyone is in, lock the meeting to outsiders and assign at least two meeting co-hosts (as is PCMA’s practice).
Another guide to prevent Zoombombing, published by Consumer Reports, provided additional recommendations:
- For large meetings, consider turning off the feature that lets participants appear in front of a virtual background, “because an intruder could easily post an offensive image” as their background.
- Generate a Zoom link automatically instead of using standard naming conventions — it makes it “harder for bad actors” to guess what kind of meeting is being held.
- Privacy experts recommend the use of passwords for every Zoom meeting.
- When using the “Waiting Room” feature, you can place a suspicious attendee “on hold.” That leaves them in the meeting but blocks video and audio transmission between them and everyone else.
- If you decide not to disable the chat feature because you encourage interaction between participants, you can warn participant to use caution when clicking on links in a chat, especially if they’re from someone they don’t know. You can also limit the kinds of files that can be shared in chat.
- Zoom recording should only be used with the permission of attendees. O’Malley now lets people know that — sharing the Zoom message that “by continuing to be in the webinar, you are consenting to be recorded.” But Consumer Reports also said that you should disable the setting that allows participants to record a meeting.
Zoom also offers a problem-shooting resource on its support page.
Michelle Russell is editor in chief of Convene.
PCMA has created a COVID-19 resources page to help event professionals find reliable information about the pandemic and to share events industry-related resources to ensure they are prepared now and in the future.