How to Zoom Safely: Zoom and Cybersecurity

Published on April 24, 2020  |  Cyberfort Advisors
A male business professional video chats with co-workers using Zoom.

Zoom has been under scrutiny recently for a variety of reasons. While Zoom has taken action to resolve these issues in a quick and transparent manner, it’s still best to be informed of the main problems and how to avoid them.


One of the main problems Zoom users have come across is Zoombombing, which is when an uninvited guest joins a meeting and “bombs” it. It is like photobombing, except with malicious intent and more inappropriate content and actions. Zoombombers have shared inappropriate content, such as pornography, as well as sensitive information, such as a host’s address, during meetings. 

Another cyber threat Zoom users have come across is malware. Hackers can install malware on a user’s device or steal their password by leaving a malicious file or link in the Zoom meeting chat or meeting invite. By clicking on the malicious file or link, the unsuspecting user’s device or application is compromised. 

Zoom has increased its security precautions to address these issues, but it is up to its users to implement many of these solutions.


Zoom offers a variety of features within its app that can protect your meetings and privacy. Enabling or disabling a few of these features can secure your meetings.

Keep your meeting ID private

Set each meeting to use a unique meeting ID instead of a personal meeting ID. This will help keep your personal meeting ID private as well as ensure attendees don’t join the wrong meeting at the wrong time. This can also lower the opportunity for hackers to find and join your meetings. 

In your settings, be sure to toggle off the option to “Use personal meeting ID.” Then be sure not to share any meeting ID online. 

Require a password

A password-enabled meeting is the only type of meeting that is undetectable by zWarDial, which is an automated tool for finding non-password protected Zoom meetings. To protect your Zoom meetings from potential uninvited visitors who use that tool, implement a password for every meeting, like in the screenshot below. To make this easier, Zoom has made a password requirement the default since last year unless you have opted out.

Be sure to never share the meeting password online. Learn more about meeting passwords here.

Require a password in Zoom

Use a single sign-on with a vanity URL

If you have a business or education account, you can use a single sign-on to login using your company credentials. This will require a vanity URL, which looks like

Using a single sign-on reduces the potential for Zoombombing because users only log in once each day and only use one set of credentials.

Learn more about single sign-on at this link

Personalize invites

Using Zoom’s email invite feature is quick and easy, but for those using Zoom for work may want to consider an alternative invite option to avoid spammy-looking invites. Zoom automatically sends a link that ends with a string of numbers and letters, which can look spammy to invitees.

To avoid this, after you create a meeting, instead of using Zoom to invite attendees, copy the meeting ID and password, and email or text attendees with a personal note about the meeting, including the meeting ID, password, and generic Zoom link (

The long-term benefit of taking the time to personalize Zoom meeting invites is that if your attendees receive a fake meeting invite, they will automatically know it’s not from you because you always personalize the invite. This could potentially save your users, and network, from malicious activity down the road. 

Limit screen sharing

If you utilize screen sharing as a host but your attendees do not need to share their screens, then disable screen sharing for guests, like in the screenshot below. 

If you do not utilize screen-sharing at all, disable it completely. This removes the possibility for a hacker to take over the meeting. 

Zoom's screen sharing options

Ensure “Join before host” is turned off

Another way to avoid Zoombombing is to ensure the “join before host” option is off, which it is by default. This way, as the host, you take over the meeting from the very beginning and attendees can join you when they are ready.

Be sure to be on time for these meetings when you have this setting turned off or your attendees may grow impatient and leave the meeting before it starts. 

Update your firewall settings

According to Tom’s Guide, you can protect your device from malicious links by going into your firewall settings and blocking outbound port 445. 

Also, be sure to update your antivirus software to catch any malware that does come through.

Enable the waiting room

Enabling the waiting room, which is shown in the screenshot below, allows you to screen attendees before they join the meeting. You can admit them at your discretion. 

Use the waiting room in Zoom

Try a webinar instead of a meeting

If you have a larger virtual presentation that does not require collaboration, a webinar may be safer than a meeting. A webinar is available in Zoom’s paid plans and allows only the host and panelists to view the attendee list, manage the video-sharing and audio-sharing settings, and more. This removes the possibility of Zoombombing for situations where collaboration is not necessary outside of the chat.

To further compare meetings and webinars, visit this link

Lock the meeting

Once all invitees are in the meeting, you can lock the meeting, which is an option under “Manage Participants.” “Locking” the meeting means you block out any newcomers from the meeting. This will ensure no uninvited guests show up. 

If you need to unlock the meeting to add a guest in the middle of the meeting, you can do so. Then, be sure to lock the meeting again. 

Download the latest version of Zoom

Zoom recently updated its software to resolve problems users were facing. To take advantage of these updates, be sure to download the latest version of Zoom for every device you use for video meetings. 

Learn more about these updates and how Zoom cares for your privacy and security here. Learn more about how to effectively use Zoom during the coronavirus epidemic at this link

Review host options 

Before your next meeting, review your host options. These include:

  • Mute attendees
  • Disable chat or prevent participants from saving chat (see below screenshot)
  • Remove unwanted attendees
  • Disable attendees’ video
  • Turn off file transfer

Zoom chat options

Learning about your security options within Zoom and otherwise can help protect your meetings, data, and privacy. We offer Web Security solutions and Email Security solutions that can block many of the vulnerabilities from causing harm to your network and devices.

LEARN MORE about Web Security Solutions >

LEARN MORE about Email Security Solutions >