Security issues have been on the rise on the internet in recent times as more and more people resort to online dealings. One widely-used tech product that has gained renewed attention from hackers is Zoom. From 10 million daily users, Zoom grew to 200 million daily users in March. However, that has brought some disturbing occurrences with it.
Only last week, the company’s CEO Eric Yuan, noted that the company was aware of the security issues and breaches in its platform and was hard at work to fix it. He also apologized for the adverse effects it had on clients who used the app to keep business communications going smoothly.
Despite that, latest reports indicate that details of individual and organisations’ zoom accounts are been compiled and sold on the dark web for less than a dollar.
This was revealed by Cybersecurity Intelligence firm, Cyble, in a statement to bleeping computers. According to Cyble, it purchased 530,000 Zoom account credentials being sold by hackers when it noticed the activity. This was done with the intent to set the accounts free for the users.
The details being peddled include users email address, passwords, personal meeting URL, and their HostKey.
What happens if your account is hacked?
It majorly comes down to the new form of trolling called ‘#zoombombing’. This means that people with the right zoom credentials can drop in on calls and video meetings to spy or harass the participants of the meeting.
In reports from previous zoombombing incidents, hackers hijacked meetings and screamed obscenities at the participants, or shared pornographic and violent content on their screens with people in the meeting. Some of the attacks have been racial, but each has stemmed from malicious intent.
Google, SpaceX, the Taiwan government, and other organizations have banned the use of Zoom by their officials in order to prevent the security breaches that have become rampant.
Beyond the verbal and screen attacks by the hackers, there is the underlying factor that hackers could eavesdrop and listen to sensitive information and sell the same using other shady means. This security issue is of major concern and is the reason why most organizations have taken to outlawing zoom in their business operations.
How can you reduce your chances of being hacked?
One measure is to avoid using the same password that has been used for other accounts for your zoom account. For instance, if you have used a password for your Facebook account, do not use that same password for your zoom account.
If your Facebook has been exposed and a hacker has gotten hold of your password, using the same password for zoom just extends the reach of the hacker where your accounts are concerned.
Another measure is to host private meetings only and have people wait for you to add them to meetings. Controlling who can share their screens during a call via settings can help to forestall a visual takeover if a hacker is present in your meeting.
The meeting host can do this by selecting Advanced Sharing Options (the arrow next to the Share Screen icon) then choose ‘Only Host’. This will make it impossible for any random person to share their screen.
Additionally, do not use personal meeting ID to create Zoom video links. This is because if the link becomes public, anyone can join the video call and hijack your meeting. It is better to create random IDs instead for each use.
Above all, if you don’t feel comfortable with all the security threats and are of the strong belief that prevention is better than cure, you can simply stop using the app altogether. Safety first.