Data breaches and hacks are now a common part of our day-to-day lives and unless you’re a cybersecurity professional or your personal data is at risk, you don’t really care if a new vulnerability has been exposed.
As the Federal Trade Commission notes, over five hundred million users of the Marriott hotel chain had their data compromised in a hack that targeted the company in 2018. The international hotel chain isn’t the only one being targeted by malicious hackers, though.
The problem extends even to regular users. Since the start of the year, we have seen more daring exploits that have attempted to capture user data in some exciting (and scary) ways.
1. Smartphones Now Coming with malware Preinstalled
In January of 2019, a weather app that came with all Alcatel smartphones was found to contain malware within the source code of the application. Sources say that the app is also available on the Google Play store, and it has been downloaded and installed over ten million times.
The app was responsible for harvesting user data and shunting it to a database located in China. However, the breach doesn’t stop there, as the app also subscribed to the user’s number to a call service that generated HUGE payments for the owner.
2. Smartphone Unlocking Issues
These are a series of exploits that users of the most sophisticated smartphones on the planet had to endure. HackRead noted that earlier this year users discovered that they could bypass the Samsung S10’s fingerprint feature by using a clear phone case or some cellophane and anyone’s fingerprint. It’s also mentioned that the S10’s facial recognition software was easily fooled into unlocking by using a video of the owner.
Samsung isn’t the only culprit here, as the Nokia 9’s PureView fingerprint sensor was discovered to be defeated by a pack of gum. Users of these phones would have been subject to easy hacks that almost anyone with the knowhow could implement.
3. Smart TVs Sharing User Information to Big Tech Companies
While there isn’t any framework in place as to what data Smart TVs collect from us and what it can potentially send, the Financial Times reports that the devices are sending personal user data they collect to Big Tech companies, like Facebook and Google. Smaller companies like Netflix are also receiving this data, even if the user in question doesn’t own an account on the site. The sharing of personal data has become a hallmark of security breaches. Smart TVs are only one of the devices that have been doing so with parent companies.
These hacks demonstrate how vulnerable devices in the modern world are. Even heavily secured systems can fall prey to dedicated hackers given the right incentive. There has been an increase in the incidence of data breaches and leaks over the last year. The only way for a user to be sure that they aren’t going to end up falling prey to malicious applications and their originators is to keep up to date with the happenings around them.
How to protect yourself from such attacks?
You will be aware of the threats that come to you via e-mails. They come in many guises and are usually quite easy to identify – if you know where to look. Check out the sender’s e-mail address. Typically, the name displayed will be of the trusted organization, but the e-mail address from which it sent will be quite clearly not them. Never respond to these phishing e-mails, by replying you are confirming to the sender that they have a legitimate e-mail address.
If the e-mail’s content is sent from an authentic organization, there will be no spelling mistakes or requests for personal data. Never click on a link that the e-mail has provided. Contact the alleged sender by the details on the genuine website. An authentic bank, for example, would never request that you input personal details, and even if the e-mails say that they have identified a security breach that you need to clarify, your bank would telephone you or contact you via letter.
Your passwords need to be complex. Never choose your date of birth, the name of your child, or another piece of information that could be found in the public domain. Each app and website that you need to log on to should have a different password. Remembering all your different passwords can be troublesome, and as it is advised that you don’t jot them down, you can use heavily encrypted software to store the passwords.
Software security updates are regularly distributed by service providers. They are released as new threats and viruses are identified, and failing to update your desktop or other devices means that you are not protected by the latest security versions of the software. While you may think that the update is only to fix cosmetic bugs, the reality is that the updates contain essential security fixes that have been coded to protect you, the user.
The information that you provide websites and apps is enough for hackers to exploit you for their benefit. Think about what you sign up for and the information that you are providing. It is prudent to have a separate e-mail address that you can use for the non-important communications: newsletters, competitions and the such like. Update your devices as and when requested to, and choose passwords that are complex to make life as hard as possible for the scammers.
Eric Silver at CloudWedge.com is a veteran technology blogger and startup enthusiast who has been covering the global technology scene since the most advanced phones were still folding in half.