When online meetings became the norm during the pandemic, hackers and miscreants alike have begun using new modes of attacking users. Some attacks, such as popping in and out of meetings uninvited, have been harmless in nature but the potential behind them does raise concerns. Not everyone has simple fun has a motive, and hackers do tend to use any means necessary to obtain what they want.

Here are some common means of attack that have been observed in the past months:

• Meeting bombing – Uninvited users join video conferences and either listen or disrupt the meeting. Disruption usually comes in the form of sharing inappropriate media. Meeting bombing is typically possible when: (1) the meeting does not require the password or, (2) the attacker is able to discover or guess the meeting details.
• Malicious links in chat – When an attacker has access to the meeting, they can trick participants into clicking on malicious links shared via chat. They often allow the attacker to steal credentials.
• Stolen meeting links – Attackers can steal meeting links that are often reused. It is recommended to either be notified when someone joins the meeting without the host or disable the ability to join a meeting before the host begins it.
• Malware – Attackers have the ability to spread malware through the meetings. It is recommended to protect from malicious activity by layering security at the endpoint and in the network.

Knowing what to expect from hackers will make it easier to ward off most attacks. When and if possible, it would be best to avoid sharing links/information during an online meeting and instead sending them through email. Upgrade cybersecurity measures employed by those involved—whether it be cybersecurity practices or applications—will also help provide more security. Double-checking the security of the platform adds another layer of protection and caution as well.

Attending cybersecurity seminars, which are becoming more common, will also expand on basic knowledge that will aid in fighting against cyberattacks.

This content is part of the Banker’s Association of the Philippines’ (BAP) #CyberSafe campaign, where the BAP aims to promote awareness in cybersecurity. The campaign will upload new posts tackling common web security questions and issues, on Wednesdays and Sundays every week.

For more content on cybersecurity, visit the BAP Official YouTube channel.