The massive uptake of video conferencing service Zoom has resulted in a rise in stock price, a class action lawsuit and a huge opportunity for cybercriminals.

With “work from home” becoming the new normal, this has seen organisations work to quickly find a way to connect their now-remote workforce to keep business going, Zoom conferencing became the tool of choice. From 10 million users in December of 2019 to over 200 million by the end of March 2020 has seen their stock price to jump from $68 on January 1st to a high of $159 on March 23rd.

But security flaws have plagued Zoom and its newfound popularity has been a playground for cybercriminals: 

  • 3,300 new domain names containing the word “Zoom” in 2020
  • “Zoom-bombing” where uninvited attendees have joined meetings to either disrupt or to send malicious links via Zoom’s chat feature
  • Phishing attacks offering malicious “Zoom installers” as attachments are sprouting up

Zoom now also faces a class action lawsuit for concealing the truth about application issues with software encryption, its alleged vulnerabilities, and unauthorised disclosure of personal data to third parties including Facebook.

With the known security flaws fixed, how can you use it safely? As long as Zoom stays focused on making the most secure platform it can, there’s little reason to jump ship. There are a number of best practices you should follow when using Zoom – or any other video conference service:

  • Only use the official Zoom website and app
  • Require a Meeting Password
  • Skip your Personal Meeting URL
  • Make Attendees Provide Full Names 
  • Disable Video and Mute Attendees 
  • Disable Screen Sharing 
  • Lock the Meeting 
  • Update Zoom 

Zoom has been under a lot of scrutiny lately and it is commendable that the vendor has been working through any security issues. With great growth and visibility comes great scrutiny and to their credit they have not been ignoring these concerns and have been transparent.

They have made some changes to its user interface and display which include making security features easily accessible, such as: locking the meeting, enabling a waiting room, removing participants and restricting the access of the participants. 

All of this is very good news and the company should be commended for its efforts during these trying times. 

Our experience in crisis management, disaster recovery and time critical project work has proven to be the major point of difference as has our open and transparent communication.

To discuss successful partnerships and how engaging Consulting IT to maintain your IT infrastructure will reduce your Staff downtime/ Expenditure/ Stress/ Exposure and Risk all the while increasing your Awareness/ Business Continuity Plans/ Backup and Disaster Recovery Systems/ Auditing and Compliance procedures.

Contact Corey Hill ([email protected])

National Sales and Marketing Manager

#consultingit#informationsecuritymanagement#informationtechnology#informationsecurityawareness#computersoftware#scamalert#scammers#computersecurity#antivirusandmalwares#malware#phishing#socialengineering#phishingattacks#phishingattack