Protect your Zoom Meeting from Zoom-Bombing

Summary

Protect your Zoom Meeting from Zoom-Bombing.

Body

What is Zoom-bombing?

Zoom meetings can be vulnerable to Zoom-bombing, where unauthorized participants join a meeting and disrupt it by sharing inappropriate content, offensive messages, or unwanted video and audio. Public events, open meetings, and recurring sessions are more likely to be targeted.  

Unauthorized participants typically gain access when: 

  • Meeting IDs, passcodes, or meeting links are shared on public websites or social media. 

  • Security features are not enabled when scheduling meetings. 

  • A Personal Meeting ID (PMI) is used for every meeting. 

The following recommendations can help protect your meetings and participants. We strongly recommend reviewing these settings, especially for meetings with more than 48 participants, as hosts cannot view all participants on a single Gallery View screen.

 

Overview

  1. What you'll need
  2. Steps to take when scheduling your meeting
    • Enable at least one security feature
    • Keep meeting links private
    • Consider Zoom Webinar for credit courses
  3. Steps to take when your meeting starts
    • Use in-meeting controls
    • Use Host tools
      • Participant settings
      • Advanced settings
    • Chat controls
    • Remove participants
    • Verify your meeting security
    • Review your security settings
  4. What to expect
  5. If something goes wrong
    • How to handle meeting disruptions
    • Report Zoom-bombing

 

1. What you'll need

  • An active SFU Zoom account
  • Access to Zoom meeting settings
    • Hosts and Alternative Hosts can adjust settings before meeting starts; Co-Hosts can only change settings during the meeting
  • A plan for how participants will access the meeting (for example, SFU users only, authenticated users, or registered attendees).

 

2. Steps to take when scheduling your meeting

Enable at least one security feature

When scheduling a Zoom meeting, enable at least one of the following security features: 

  • Require a Passcode (enabled by default)

  • Enable the Waiting Room. The Waiting Room allows the host to review participants before starting the meeting

  • Require authentication to join. Restrict access to participants who are signed in to Zoom. Common authentication options include: 

    • SFU Zoom Account Users: Restricts access to users with an active SFU Zoom account. 

    • SFU Email Users: Requires participants to join using their SFU email address. If they have not activated their Zoom account, they will be asked to complete the sign-in process before joining. We recommend using this option with registration for internal events that are open to the SFU community. 

                   Security options

 

Keep meeting links private

Avoid posting meeting links on public websites. Don't post meeting links on public websites, social media, or public calendars, as this may allow unauthorized individuals to join your meeting. For open events, we recommend enabling registration so that participants must register before receiving the meeting link.

 

Consider using Zoom Webinar for credit courses 

For credit courses that meet regularly throughout the term, consider using a Zoom Webinar instead of a standard Zoom Meeting. IT Services can provide webinar licenses and assist with setup. Please submit a request for course webinar access. 

 

3. Steps to take when your meeting starts

Use in-meeting controls

During a Zoom meeting, hosts and co-hosts can use the following controls to reduce disruptions and maintain a productive environment: 

  • Disable participant video

  • Mute participants upon entry

  • Prevent participants from renaming themselves

  • Restrict screen sharing to hosts or presenters

  • Control who participants can chat with

  • Remove unauthorized or disruptive participants

 

Host tools 

Host Tools are available once you start a Zoom meeting. They can be accessed from the meeting toolbar or by clicking on the Meeting Information icon in the upper-left corner of the meeting window. Zoom meeting controls

 

Participants (Host tools)

Setting Information
Suspend participant activities This will stop all participants’ activities: including:  Video, Audio, Screen sharing, and Joining the meeting. We recommend using this feature only for presentation-only sessions where participant interaction is not required.
suspend participant activity button
Chat, Rename, Unmute, Start video, Record to computer, Request to record The host can enable or disable permissions using the corresponding toggle switches.
Participant control options

 

Advanced (Host tools)

Setting Information
Focus mode Highlights the presenter video while hiding participants' videos from one another. Hosts and co-hosts can still see all participant videos.Focus mode toggle
Share

Select Host only unless participant screen sharing is required. 

Host only sharing

 

Chat Controls

Configure chat settings to reduce unwanted or inappropriate messages:

  1. Select Chat, then click the More (•••) menu.
  2. Under Participants can chat with, select one of the following: No One or Host and Co-hosts.
      Chat control options

 

Remove participants 

  1. Select Participants from the menu/toolbar, then click the More (•••) menu beside a participant's name.
  2. Select Remove to remove any unidentified or disruptive participant from the meeting.
     Participant Removal button

 

Verify Your Meeting Security 

You can verify your meeting's security by checking the green security indicator in the upper-right corner of the Zoom meeting window:Meeting Security Status Indicator

The green indicator confirms that: 

  • Your Zoom meeting is connected through the Canadian data centre.

  • Enhanced encryption is enabled.  

If you do not see the green indicator: 

  • Review your network configuration if necessary.

 

Review the security settings for your meeting

Select Security Settings and make sure they're set as intended.
 Security settings overview

 

4. What to expect

  • Unauthorized participants are less likely to gain access to your meeting
  • Participant audio, video, chat, and screen-sharing permissions can be controlled throughout the meeting
  • Hosts can quickly respond to disruptive behaviour using Zoom's built-in moderation tools

 

5. If something goes wrong

How to handle meeting disruptions

If unauthorized participants join:

  • Remove the participant immediately
  • Enable or use the Waiting Room via Host tools
  • Avoid reusing or publicly sharing meeting links

If participants are disruptive:

  • Mute participants or disable video
  • Restrict chat permissions
  • Use Suspend participant activities if needed

If participants bypass controls:

  • Enable authentication requirements
  • Restrict screen sharing to Host only
  • Prevent participant renaming

If your meeting is actively being Zoom-bombed:

  1. Suspend participant activities
  2. Remove disruptive participants
  3. Re-enable features as needed

 

Report Zoom-Bombing

If you believe your meeting has been compromised or experiences disruptive activity, report the incident to IT Services as soon as possible. IT Services may be able to review meeting logs and provide additional information to assist with the investigation. 

 

Details

Details

Article ID: 15349
Created
Wed 6/24/26 7:04 PM
Modified
Wed 7/15/26 12:40 PM