As large numbers of people turn to video teleconferencing (VTC) platforms to stay connected during the COVID-19 crisis, reports of VTC hijacking (also called “Zoom bombing”) are emerging nationwide. The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language.
The FBI recommends the following steps to mitigate teleconference hijacking threats:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- Do not share a link to a teleconference or classroom through an unrestricted website or a publicly available social media post. Provide the link directly to specific people.
- Manage screensharing options. In Zoom, change screensharing to “Host Only.”
- Ensure users are using the updated version of remote access/meeting applications.
- Ensure that your organization's telework policy or guide addresses requirements for physical and information security.
If you are a victim of a teleconference hijacking, or any cybercrime for that matter, the FBI requests that you report it to the Internet Crime Complaint Center. If you receive a specific threat during a teleconference, please report it at tips.fbi.gov.