Security Concerns with Technology during COVID-19

Scammers are taking advantage of fears surrounding COVID-19

Learn more about Coronavirus scams from the Federal Trade Commission. Tips for avoiding these scams:

• Hang up on robocalls.  
• Ignore online offers for vaccinations and home test kits. 
• Don’t click on or respond to emails asking for personal information in order to receive an economic stimulus check from the government. 
• Don’t click on links from sources you don’t know. 
• Don’t click on or respond to emails that claim a positive COVID-19 test within your workplace. 
• Don’t click on or respond to emails claiming to be from the Centers for Disease Control and Prevention or the World Health Organization.  

FEMA Coronavirus Rumor Control

The purpose of this FEMA page is to help the public distinguish between rumors and facts regarding the response to coronavirus (COVID-19) pandemic. 

Zoom Security

In the past few days, the security of Zoom has been questioned in several ways. These questions, and the productive way that Zoom has responded, have improved the health and security of Zoom.

• A Change to Meeting Links. Effective Saturday, April 4th, new Zoom meetings you create will be assigned an auto-generated password. These passwords will prevent “Zoom bombing” where unknown people looking to disrupt meetings guess the meeting ID and join your meeting uninvited.  You shouldn’t notice any change, other than longer Zoom meeting links will look longer. 
• Insecurity of the “Telephone Audio” option. Meeting participants who join by telephone audio will now also need to enter the meeting password. Keep in mind that keeping the “Computer Audio” option selected in the settings for your meetings ensures the highest security. If you additionally allow telephone-based participation (the “Telephone and Computer Audio” or “Telephone” options), the meeting audio will be at higher risk to being intercepted due to it traveling unencrypted on the traditional telephone network.
• For Public and Large Zoom Meetings. For those of you who host large Zoom meetings where the link to join is public or widely distributed, you should know that preventing “Zoom bombing” requires you to take additional steps. Review this site for best practices on protecting your meetings:  https://www.pcmag.com/how-to/how-to-prevent-zoom-bombing
• Useful Tip for Creating New Meetings. When creating a new meeting, Zoom automatically prompts you to enter a date, time, and duration for the meeting. Most of the time, specifying this information is not necessary or useful so you can experiment with bypassing it. Here’s how:
  1. When creating a new meeting, check the option for “Recurring Meeting.”
     • If using the Zoom Client app to make the meeting, also check the option for “Other Calendars” in the Calendar section, then click the ‘Schedule’ button.
     • If using the website to make the meeting, also select “No Fixed Time” in the Recurrence drop-down menu, then click the ‘Save’ button.
  2. Now click the ‘Copy Invitation’ button, and paste that text into an email or into the Outlook calendar meeting invitation to share it with your meeting participants.
  3. That’s it. This meeting will now stay in your meeting list, and can be started and stopped whenever you want by clicking ‘Start meeting’/’End Meeting’.  You can use it over and over again without need to send people a new invitation. Also, the meeting information doesn’t include redundant and confusing time/date information.
• Review this newly published technical guide to Zoombombing self-defense by Palante Technology Cooperative, NCB’s website developer. This detailed guide describes steps to take and settings to adjust before, during and after a Zoom event to protect our communities from Zoombombing and other intrusions or disruptions. The guide accompanies their recent post about how Zoombombing works and how we can use existing community safety principles and practices to defend our work and our people in virtual spaces. They allowed us to share their resource with you in case the above technique does not work for your Zoom meetings (added 4/23/20).