April 6, 2020 | DeISD LIbraries


Zoombombing is a type of cyberattack; it describes when someone hijacks a Zoom teleconferencing chat. Users say their meetings have been interrupted by strangers taunting them as well as recording their Zoombombing attacks and sharing them on TikTok and YouTube.

What has Zoom said about it?

A Zoom spokesperson told CNN that the company is “deeply upset to hear about the incidents involving this type of attack and we strongly condemn such behavior,” and that they “appreciate all efforts to raise awareness around how to best prevent these kinds of attacks.” Zoom also said it began “actively educating users on how they can protect their meetings and help prevent incidents of harassment” on March 20.

A blog post on Zoom’s website recommends generating new meeting ID numbers for each new session, and creating “waiting rooms” that allow conference hosts to approve attendees who request access. Users can also set up two-factor authentication, disable private chat, and lock meetings when they start, just as you would “your front door.”

How can you protect yourself from Zoombombing?

Plan of Action

  • Make sure that users are using the updated version of remote access/meeting applications.
  • Do not make meetings or classrooms public.
  • Use passwords. This is now a standard feature (not an option) on Zoom.
  • Use waiting rooms, with the host managing who enters, and denying entry to unknown visitors.

SECURITY TIPS for standard ZOOM set-up in “settings” in Zoom account

  • Mute participants upon entry (that can be toggled on if needed)

  • Disable annotation, whiteboard, remote control settings (that can be toggled on if needed)

  • Disable screen share for anyone except the host (that can be toggled on if needed);
    When enabled for participants, only allow host to have authority to take over screen share

  • Disable “join before host” so participants can’t enter room before host is present

  • Disable chat window for younger students; use at your discretion with older students

  • Disable using your Personal Meeting ID to set up meetings

SECURITY TIPS while in a Zoom meeting

  • Toggle screen share and other settings on and off for participants as needed

  • Have the “manage participants” side window open at all times

What to do if Zoom bombed

  • Immediately click on “mute all” on the bottom of the “manage participants” side window.

  • Immediately turn on your screen share. This will supersede the hacker(s).

  • Announce to your participants that you will send a new invite in about 15 minutes.

  • End meeting.

  • Generate a new meeting link (with a different meeting number) and email to participants.

Zoom user management tips

  • Enable embedding of password in Zoom invitation link to allow invitees to go to the meeting with one login click (they don’t need to type the password).

  • Enable nonverbal feedback, and teach participants to use “raise hand” and “reactions” emojis.

  • If a user re-names themselves, it must be a recognizable name (such as changing a parent’s name to the student’s name)

Zoom Bombing Solutions

Big picture
*Note: It is recommended that schools use a single sign-on provisioning tool so that technology administrators can control permissions and privileges for staff accounts, and disable features that are unnecessary or inappropriate. These are services by various types of data management and/or IT security companies provided to institutions for a fee, usually on an annual subscription basis.

Read More About Zoom

Ask Your Library Media Specialist!

Your District Library Media Specialists are available online to assist you. This form has been provided to enable us to provide service at your point of need.