Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Kaspersky shares 10 security and privacy tips when using Zoom

Written by  Apr 22, 2020

The recommendations from Kaspersky come following recent concerns regarding Zoom's security and privacy.

Video chats over Zoom have recently been reported as hacked by ‘Zoom bombers’, and while coding measures have been put in place to improve security, users must remain vigilant about continued insecurities.

With this in mind, researchers at Kaspersky have provided 10 tips for staying secure while using Zoom.

1. Protect your account

Firstly, Kaspersky has recommended that Zoom accounts, as with accounts for any other platform, are protected using a strong password and two-factor authentication (2FA).

Passwords, according to Kaspersky, should not only be strong, but be kept in the long run as opposed to being changed, as changing them makes them more difficult to remember, and changes made aren’t major enough to prevent cyber criminals from hacking an account.

More specific to Zoom, though, is the Personal Meeting ID (PMI), which must not be shared publicly, as access to meetings can be gained by anyone who has it.

2. Use your work email when registering

Using your work email when creating a Zoom account, a well established public domain will help to keep personal contact details private. Your IT department will be actively looking for anomalies from external connections.

A recently discovered glitch within the platform’s Company Directory function involves users with the same email domain being grouped together, with the exception of email addresses with common domains such as @gmail.com.

This allows for the sharing of contact details, and is still not fixed.

3. Watch out for fake applications

The amount of malicious files that share the names of video conference services such as Zoom and Webex has roughly tripled within the past year, according to research conducted by Kaspersky.

This makes it even more vital that users do not use any source other than Zoom’s official website (zoom.us), the App Store or Google Play to download the application.

4. Don’t share conference links over social media

Zoombombing, the act of entering a Zoom meeting unauthorised and implementing offensive content, that has occurred over social media.

If there is no other option for hosting a public meeting, users should disable the ‘Use Personal Meeting ID’ option.

5. Protect every meeting with a password

Kaspersky not only recommends protecting your account with one, but your meetings, too. This can ensure that no unwanted guests join the meeting.

Just like conference links, conference passwords, which are enabled by default on Zoom, should be shared amongst the member of the meeting only and not shared on social media.

6. Enable the Waiting Room function

Another way to prevent unauthorised access is to enable Zoom’s ‘Waiting Room’ function, which prevents entry without approval from the host, and is also enabled by default.

This can come in handy if the password for the meeting ends up being publicly shared or given out to an unauthorised user.

Advertisement

Folder Lock - Data Security & Encryption [Download]amazon uk

7. Consider screen-sharing features

Users should also be careful about sharing their screen view with other participants, say Kaspersky.

An eye should be kept on the following aspects of these features:

  • Whether to limit screen-sharing ability to the host or allow all participants to have this ability.
  • Allowing for simultaneous screen-sharing from multiple participants.

8. Stay with the Web client if possible

Many client apps that are affiliated with Zoom have demonstrated some kind of vulnerability, according to Kaspersky. These flaws include lack of security for the user’s camera and microphone, and letting websites add users to calls without consent.

Although Zoom has since fixed these issues, a lack of a proper security assessment means that Zoom apps may still be vulnerable, meaning that using its web client is always recommended where possible.

The web client operates in sandbox conditions, allowing for increased security due to an absence of external access permissions.

Additionally, users should aim to limit devices connected to their Zoom account to one if possible, and have this be a spare laptop or smartphone with minimal personal information.

9. Avoid discussing personal or private company details

Zoom recently admitted that its so-called end-to-end encryption meant that one end was its server, so end-to-end encryption wasn't actually being performed.

End-to-end encryption is also on other video conferencing platforms, so Kaspersky does not recommend leaving Zoom on this basis. But, Kapersky does recommend that users avoid revealing personal details, or confidential details relating to trade.

10. Consider who is around you

Finally, Kaspersky stated that users of not only Zoom, but other video conferencing services, be wary about what can be seen or heard on camera, as well as when screen-sharing.

Shoulder surfing is also something else to watch out for during your meeting.


Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement

Popular News

May 06, 2020 IT Security News

Popular VPNs Exposed Users to Attacks

Researchers analysed some of the most popular VPNs and discovered that two of them were affected by vulnerabilities that...

May 19, 2020 IT Security News

EasyJet data breach: Over 9 million customers affected

The personal data of over 9 million EasyJet customers has been infiltrated by hackers, including over 2,000 users' credi...

May 22, 2020 Cyber Security

EasyJet will be sued over customer data breach

Legal firm PGMBM, a specialist in group legal action, has issued a class action claim under Article 82 of the General Da...

Mar 27, 2020 Cyber Security

Hospitals worldwide offered free security software

As cyberattacks against hospitals surge during the coronavirus crisis, technology companies are stepping up to alleviate...

May 18, 2020 Cyber Security

UK power grid operator Elexon hit by cyberattack

The UK’s power grid middleman Elexon has announced it has fallen victim to a cyberattack, which did not compromise pow...

May 05, 2020 Cyber Security

The importance of cybersecurity for UK businesses

Technology is constantly changing and at a pace which is hard to keep up with, but 'safety first' always applies. ...

May 11, 2020 Cloud Security News

Tips to help secure your cloud data in the UK

In this digital age, it’s not a great idea to trust someone with your sensitive data. ...

Apr 01, 2020 IT Security News

Online privacy is all but gone, say Brits

Nearly 80% of UK consumers believe they have lost any real control over how their personal data is collected and used by...

Apr 10, 2020 IT Security News

The importance of security for UK office printers

When it comes to digital security, we tend not to think about printers as they are often seen as dumb devices with a few...

May 07, 2020 Cyber Security

Three quarters of UK homeworkers haven't received cybersecurity training

As Covid-19-related cybersecurity threats continue to multiply, three in four of home workers are yet to receive any cyb...

May 14, 2020 IT Security News

Windows 10 is getting DNS over HTTPS (DoH) support

DNS is one of the last protocols that still runs unencrypted on the Internet. ...

Apr 11, 2020 IT Security News

Tips for testing an IT security experts worth in the UK

There is no shortage of people presenting themselves as security experts. Some of them truly are, the others may or may ...

May 20, 2020 IT Security News

To VPN or not to VPN for business users

It’s a question many organisations are asking as they work to provide secure and reliable remote access at scale. ...

Apr 07, 2020 IT Security News

Eighty per cent of exposed Exchange servers remain unpatched

Over 350,000 Microsoft Exchange servers have not been patched against the CVE-2020-0688 post-auth remote code execution ...

Apr 22, 2020 IT Security News

Kaspersky shares 10 security and privacy tips when using Zoom

The recommendations from Kaspersky come following recent concerns regarding Zoom's security and privacy. ...

Apr 17, 2020 Cyber Security

SonicWall launches boundless cyber security platform

SonicWall has released a new boundless cyber security platform to protect companies and government agencies remote workf...

Advertisement
Symantec Home 120x60

Advertisement