Online meetings are a routine part of office life—especially if you are working remotely. But there are security risks in these meetings:
- Uninvited guests – real people being disruptive, or bots flooding the meeting with spam or malicious links. This might happen if the link or password to the meeting was leaked
- Leak of information – perhaps through sharing your screen, or revealing something sensitive in the background
- Or even deepfakes, or impersonation through realistic audio and video—someone pretending to be someone they are not.
Uninvited guests were a regular occurrence during the pandemic, as remote working became the common pattern. Quality, convincing deepfakes are new.
But why join your meetings?
They may be motivated by access to confidential or sensitive information or by the chance to drop malware links into the meeting chat. Activists may want to disrupt your meeting to make a point, or a scammer may want to manipulate someone in your organisation into sending them money.
What can you do to protect yourself?
We suggest:
- Use reputable tools with end-to-end encryption, and set password protection on your meetings
- Use the waiting room features to check who you are letting into the meeting
- Use a virtual background to hide what people can see
- Block everyone except the host from sharing their screen, to reduce the risk of someone grabbing the screen-share with something inappropriate
- Be very aware of what you are sharing when you share your screen; make sure you understand the sharing features in the tool you are using to minimise what is shared
- Consider turning notifications off—so you don’t receive a revealing message on your screen when sharing
- And don’t forget to let attendees know if you are recording the meeting or using AI to summarise it—and store those recordings securely.
Can you detect a deepfake?
Technology, and the cyber criminals using it, are getting ever smarter, but we suggest that you look for anomalies. These might be in the way that someone looks, sounds or behaves on screen:
- Perhaps their movement or voice quality seems odd.
- Consider whether the lighting seems consistent between the background and the person, and look for visual distortions.
- Think about whether that person is exhibiting out of character behaviour or making suspicious requests for information or for you to click a link.
- Consider whether they are creating a sense of urgency in what they are asking for.
There are tools out there to help with deepfake detection, if you feel you need it, but don’t forget to get the basic security measures in place too.