Secure Your Zoom Webinars

Third-party services sometimes scrape and redistribute Zoom webinars without consent, often by registering with fake identities and using screen-capture tools. This guide covers how to configure registration, authentication, and monitoring settings to protect your webinar content before, during, and after your session.

Quick Links: | Prerequisites | Instructions | Troubleshooting |

Third-party services actively scrape and redistribute Zoom webinars and meetings without the host's knowledge or consent. These operations typically gain access by registering for sessions with fake identities, then use screen-capture tools to record and republish content on their own platforms. This has affected universities, nonprofits, government agencies, and businesses worldwide, sometimes exposing sensitive discussions, attendee names, and contact information. Taking a few minutes to configure your Zoom settings before each webinar can significantly reduce the risk of unauthorized recording and redistribution of your content.

Prerequisites

Before following this guide, make sure you have the following:

1. A Zoom Webinars license
2. Host permissions for the webinar or meeting you are configuring
3. A basic familiarity with Zoom's webinar and meeting scheduling interface

Secure Your Webinar

Securing a webinar is an ongoing process that spans planning, the live session, and post-event follow-up. The steps below are organized into three phases: pre-event configuration, live session monitoring, and additional precautions for higher-risk events.

Configure Security Settings Before Your Webinar

To reduce unauthorized access before your session begins, do the following:

1. From the Zoom web portal, open the settings for your scheduled webinar.
2. Under Registration, enable Required so that all attendees must register with their name and email before joining. Avoid using open-access links that let anyone join without registering.
3. Under Authentication, select Require attendees to authenticate to join. When your audience is limited to Chico State, restrict authentication to Sign in on SSO (Chico Users Only). This is the single most effective way to prevent uninvited guests.
4. Avoid re-using previous scheduled webinars or making recurring webinars. Do not reuse join links from previous sessions, as old links may have been shared or scraped.
5. Share your join link and passcode only through controlled channels such as direct email or your Canvas course. Never post a direct join link on public-facing websites or social media.

Monitor and Control Your Live Session

To maintain security once your webinar is underway, do the following:

1. Before going live, review your registration list and remove any entries that appear suspicious, such as names you do not recognize or email addresses from unfamiliar domains (e.g., @bestwest.space or @lightconnect.space).
2. Once all expected attendees have joined, select More > Lock Webinar to prevent additional participants from entering the session.
3. Monitor the participant list throughout the session. If you see an unfamiliar attendee who is not engaging or whose name does not match your registration list, select their name and choose Remove.
4. From the host toolbar, select Participants > More and confirm that Allow Attendees to Record Locally is disabled. Note that this setting makes it more difficult for attendees to record the webinar, but it does not prevent screen recording software like Camtasia, OBS Studio, or similar applications from recording the webinar. 
5. Assign at least one co-host or moderator whose dedicated role is to monitor participants, manage chat, and handle Q&A so that the presenter can focus on content.

Apply Additional Precautions for Higher-Risk Events

For webinars that involve research presentations, sensitive topics, guest speakers, or confidential discussions, take the following additional steps:

1. When configuring registration, select Manually Approve registrants rather than using auto-approval. Review each registration individually and reject any you cannot verify.
2. From Settings > In Meeting (Basic), enable Add watermark that identifies the viewing participant. This superimposes each attendee's email address onto the content they see, deterring unauthorized screenshots and recordings. Note that you will need to require participant authentication to the webinar. 
3. If you plan to distribute a recording after the event, share it only through authenticated channels (such as a Canvas module or a Kaltura link that requires sign-in) rather than posting it publicly.
4. Remind panelists and guest speakers not to share their personal join links with anyone outside the approved attendee list.

Respond If Your Content Is Scraped or Redistributed

If you discover that your webinar has been recorded or redistributed without your authorization, take the following steps:

1. Do not respond directly to the third party or engage with any promotional emails they send (e.g., emails from services like WebinarTV notifying you that your content is "now available" on their platform).
2. Preserve all communications you receive, including emails, links, and screenshots of the unauthorized content.
3. Contact Learning Technology Services immediately so the university can assist with takedown requests, DMCA notices, and any necessary follow-up.
4. If appropriate, report the incident to Zoom's Trust & Safety team.

Troubleshooting

If you require authentication but some of your intended attendees do not have Chico State Zoom accounts (for example, external guest speakers or community partners), you can set authentication to Require Zoom Account instead of restricting to a specific domain. This still prevents anonymous access while accommodating external participants. For more detail on configuring authentication profiles, see Zoom's authentication profile documentation.

If you suspect an unauthorized AI transcription bot or note-taking tool has joined your session (these sometimes appear as named attendees like "Otter.ai" or "Notta"), remove them immediately from the participant list and lock the webinar. These tools are a known vector for content scraping.

For a deeper overview of webinar security options, see Zoom's guide on keeping your Zoom webinars safe and disruption-free.