WASHINGTON, D.C. — Attorney General Karl A. Racine today issued security tips that District residents and businesses should follow when hosting or joining video chats. During the COVID-19 pandemic, the drastic increase in use of video chat software—Zoom, Microsoft Teams, WebEx, Google Hangouts, FaceTime, and Skype—has also brought reports of hackers gaining access to and disrupting video chats. These incidents raise questions around the security of the software, and users’ own grasp of the privacy functions on the applications. When joining or hosting a video chat, District residents should follow practical security measures to safeguard against hackers.
“District residents and businesses using video chat applications to stay in contact socially or professionally should take steps to protect themselves from hackers,” said AG Racine. “Users should learn the security features of the applications they are using and remain vigilant to protect their personal and business information while video chatting. OAG has communicated with providers of these services and is continuing to monitor for reports of security failures. Our office will work to ensure software developers are not jeopardizing their users’ privacy.”
During the COVID-19 emergency, video chat software has allowed District businesses and residents—particularly those teleworking or distance learning—to stay connected socially and professionally. Users should be aware that these applications come with some security risks. Software bugs could expose flaws for hackers to exploit, while lack of awareness of various features can leave users unintentionally exposing private information.
Video chat software users should familiarize themselves with the security features for an application or software before engaging in video chats. Users can further protect themselves and their personal information when they host or join a video chat by:
- Confirming that a meeting invitation is from a trusted sender: Do not click on meeting links from unknown senders.
- Avoiding revealing meeting IDs, passwords, or meeting links in public forums like social media: If you are hosting the meeting, share this information with your participants through private means, like email or text messages.
- Taking precautions around screenshots from your video chats: These images may contain sensitive meeting details or personal contact information that you don’t notice when capturing them. Examine any screenshot you take with a careful eye, especially before you share it.
- Checking how your audio and video features work so you can turn them on or off during the video: Knowing how to mute your mic or turn off your camera will help you avoid embarrassing moments and unwittingly sharing private information.
- Making sure hosts and participants are on the same page regarding recording a meeting: Some platforms provide recording functionality—so make sure to ask about whether the meeting will be recorded before you get started.
- Downloading software updates as soon as they are available: Make sure you’re using the most recent version of the app to keep your security features up to date.
- Protecting the meetings you host with a strong password, rather than just a meeting ID number: Do not select something that’s easy to guess, and do not reuse passwords for later meetings.
- Keeping your meetings private by “locking” them: If the app allows users to “lock” a chat to block intruders, be sure to use this once all the participants have joined.
- Requiring authentication or using “waiting room” features: Any time you’re holding a meeting involving confidential information, be sure to use these added security features so that you can screen for unintended guests.
Submit Complaints to OAG
Residents who have been hacked or scammed while video chatting, or would like to report a consumer protection violation, should contact OAG’s Office of Consumer Protection by:
- Calling (202) 442-9828
- Emailing Consumer.Protection@dc.gov
- Submitting a complaint online
OAG’s COVID-19 Resources
In response to the COVID-19 pandemic, the Office of the Attorney General (OAG) is teleworking until at least April 27. You can access OAG services online and over the phone during our telework period at:
- Website: oag.dc.gov
- Email: oag@dc.gov and OAGCommunity@dc.gov
- Phone: (202) 727-3400
- Fax: (202) 347-8922
- TTY: (202) 727-3400
For updates from OAG on COVID-19, consumer tips, resources, and warnings:
- Sign up for OAG’s newsletter
- Bookmark and visit OAG’s Coronavirus Information Page
- Follow us on Twitter, Facebook, and Instagram
Know Your Rights: Read OAG’s Consumer Alert—available in multiple languages—to protect yourself from scams, price gouging, discrimination, and to get information about consumer, worker, and tenant rights during the pandemic.
For more District Government updates about coronavirus, visit coronavirus.dc.gov