Everyone has a smartphone — OK, except toddlers. So we take the convenience of being connected to everything at all times for granted. But are we risking big problems by storing and transmitting so much data to and from our trusted electronic companion?
Would you send credit card info to anyone from your phone? This is never a good idea. But even if you are one of the users who would never send financial info, you may not be aware that all your electronic contacts and even personal photos and videos are potentially exposed to theft. We do not think twice about storing crucial and sometimes confidential info in our phone's memory. Many people have memos or texts that contain passwords stored right on their phone.
Of course one should always keep the phone at close hand and install software to help locate the phone and wipe it remotely if necessary. But have you ever contemplated that the convenience of connecting to your phone with your ear bud or in-auto sound system may be your biggest risk? Yes, Bluetooth is one of the greatest features of our phones, but you should always use it with caution.
The main methods of using Bluetooth to hack are scanning, pairing and gathering info without detection. Some specific examples follow.
- Bluejacking sends an unsolicited message to an unsuspecting smartphone user.
- Bluesnarfing allows access to a user's personal info in the smartphone; if the hacker sends corruption code, your phone will be shut down completely.
- Bluebugging is an older method of undetected access that most modern phones thwart. The hacker can do just about anything, like initiate a call to a remote phone so that the hacker essentially bugs the phone and hears everything.
YouTube videos and freeware abound for hacking Bluetooth. Here are some of the tools of the trade in case you want to read up or try your hand hacking your own devices:
BlueScanner: scan for all Bluetooth devices and associated info
Super Bluetooth: hack into contacts and text messaging
BtoBrowser: for browsing file stores in a smartphone
BTCrawler: for Bluesnarfing and bluejacking
BlueSniff: to find hidden Bluetooth devices
There are two risks that could be incorporated with Bluetooth but can be perpetrated independently as well. Physical access to your phone is probably the most dangerous vulnerability. A hacker can install programs (Bluetooth or otherwise) and steal your info, including SIM card info for cellular access. Phishing, which is a common attack, is less likely to be used in conjunction with Bluetooth but even more viable in a mobile browser due to the format and smaller address bar.
The most effective way to protect yourself is to keep your phone on your person and disable Bluetooth and Wi-Fi when not in use. When you do need Bluetooth, make sure the phone is not discoverable.
Here are some general rules for protecting your phone, thanks to VerizonWireless.com:
- Get software that allows you to lock, locate, and wipe your device
- Always use a PIN or password to lock phone
- Only download apps from trusted stores
- Back up data
- Keep OS and apps updated
- Log out of sites after you make a payment
- Turn off Wi-Fi and Bluetooth when not in use
- Avoid giving out personal information
Enjoy your phone and all its conveniences; but be careful out there!
This article is published as part of the IDG Contributor Network. Want to Join?