Safaricom has warned Zoom users over possible security issues expected when using the leading video app – By Prudence Wanza.
The app is now at its peak with most companies and businesses opting to use it to hold virtual meetings during this Covid-19 pandemic.
Safaricom says over 500,000 zoom accounts are being sold on the dark web and hacker forums and this could lead to breach of customer privacy leading to more advanced attacks.
Users are advised to change their passwords and check the data breach notification site to determine whether their email addresses have been leaked in the attack. https://haveibeenpwned.com/
Zoom does not support end to end encryption which means it is not totally secure which could lead to data leakage. People are also guessing or finding zoom meeting ID numbers online and entering uninvited to leave disruptive comments or share disruptive media using Zoom’s screen-share feature.
Finding open meetings, which have IDs from nine to 11 digits, is relatively simple and has already been automated.
All this could have serious business implications such as poor customer experience as well as reputational damage.
How to zoom safely
The telco advises users to generate random meetings IDs and enable the waiting Room feature so that you can see who is attempting to join the meeting allowing them access to the meeting. Once the meeting begins and everyone is in, lock the meeting to outsiders.
Users are also advised to install the latest zoom version that ensure one’s account cannot be easily hijacked by anyone who knows or successfully guesses their account email address.
Zoom also disabled the ability to share files using the app which could lead to malpractices like fraud.