My wife just ran an educational seminar on @zoom_us for a volunteer organization she helps and ... we witnessed our first Zoom bombing!
Slide defacing, violent threats, racial slurs - the works!

Reported to trust @ zoom.
But that won't stop me from investigating on my own! 🤠😉
They used a unique ID and password but distributed the invite too widely IMO 😕

The default logs (PRO acct) leave *quite* a bit to be desired.
I may set up Zoom event API (via webhook) as shown by @MSSPete: https://twitter.com/ItsReallyNick/status/1255320077580320770?s=20 (overkill for charity, but fun for next time)
I'll also have them disable the annotation feature (In Meeting > Basics).
Though a birdie tells me they're switching to @MicrosoftTeams anyway 🙃

That said, I'm pretty sure I can find these punks.
Zoom > Usage > Active Hosts:
Name (Original Name)
User Email
Join Time
Leave Time
Email not required. (will also look into that setting)

Unless email is only exposed if you use an explicit sign-up email. That is, I don't know if OAuth-based auth shows up in Zoom's Active Hosts logging. Anyone know?
Personal opinion: when it comes to security vs. usability, @zoom_us is incredibly usable!

I don't know what's important to them 🤷‍♂️, so when sending this abuse report, I try to point to TOS ➡️ https://zoom.us/terms

In the abuse report I just sent, I noted
d. Prohibited Use (vi)
Some free and probably legal things you can do for those attendees w/ email addresses*

1⃣ Thank them for attending the event inviting them to complete your survey/webhook using a tracking pixel [pictured]

THEY'RE VIEWING NOW. 🤣

*burner emails? compromised? are people this dumb?
2⃣ Compose an email, view profile image/details on the respective service.
Use full-size original image (drop passed URL parameters) + @TinEye / Google reverse image search / others? (suggestions?)

3⃣ Check *IF* you can register for social media on that account or if already exists
🔢 I have a few other tricks for each service provider that I think are clever & legal (after reviewing TOS)... but I'm not comfortable broadcasting them since they're used in the occasional attribution investigation.

A bunch of y'all do professional recon... what'd I leave out?
You can follow @ItsReallyNick.