Tag: data privacy

stealing your personal data

Are apps stealing your personal data? Part Three

In the last two posts, we explored how some mobile apps were malicious in nature and indulged in stealing your personal data for their gains. We also looked at a few steps that mobile app developers can undertake to bring stronger, more resilient mobile apps that don’t support dangerous activities of hackers.

In this final part, we will understand what you as an end user can do to stay vigilant and prevent mobile apps from stealing your personal data.

Note to end users – How to hackproof your smartphone

Fingerprints can be lifted. Use passcode

One of the biggest nightmares for an individual these days is losing their phone. While the hardware must have cost big bucks, what’s more vital is the loss of personal data that’s present – think emails containing sensitive information, photos, videos and more. While most of us secure our phones with fingerprints, it is not always safe as it is easy to lift prints. It is better to use strong passcodes. And if you have an evil twin, it is time to say goodbye to facial recognition as an unlocking medium as well.

Also, while smart unlock features such as unlocking phone when you reach home/office is cool, it is dangerous when your phone is in the wrong hands.

 

Activate Find My Device feature so that even if physically lost, phone can be locked or wiped

Another way to proof your data in the event you have lost your device is to track it online and lock it. You can even wipe it fully so that the hackers cannot glean anything from it. In Android, Find My Device helps to locate the device as well as lock it or wipe it. iPhone users can use Find my iPhone feature to locate their devices and even switch on Lost Mode.

stealing your personal data

Don’t reveal sensitive data while on Public WiFi

Never use Public WiFi to perform financial or business transactions as hackers can position themselves between you and the connection point and intercept sensitive personal and corporate data. Always use secure connections while performing such activities. According to a Kaspersky Lab report, one in five persons has been a target of cybercrime while abroad and a third (31 per cent) of them are senior business managers.

stealing your personal data

 

Review app permissions and EULA before installing

It is important to review what all permissions an app is requesting before completing installation. As said before some apps seek permissions for internet and location just to send targeted ads and make money. And before you know it, your phone is filled with unwanted ads.

 

While mobile apps have been a boon to smartphone users around the world, the security risks associated with them cannot be denied. It is in your own personal interest that you monitor your apps and eliminate those that you think might compromise your data’s safety. Also, lesser the number of apps and lesser the number of distractions, the more organized your phone and well-spent is your time.

apps stealing your personal data

Are apps stealing your personal data? Part One

Fire and fury. This was the feeling etched in the minds of the 2 billion strong userbase of Facebook once the Cambridge Analytica scandal came to limelight. Cambridge Analytica, a political consultancy firm based out of Dallas, US and London, UK, had assimilated data of millions of Facebook users with an app called thisisyourdigitallife, with no indication to users on how their data will be manipulated. It had then used this data to create psychological profiles of millions of people, sending them targeted ads to influence and sway their votes in the favor of Cambridge Analytica’s clients.

Has Cambridge Analytica been successful? The firm was involved and attributed in turning the tide towards Brexit by targeting voters with likeminded ads. Similarly, it was part of the Trump campaign, sending targeted ads and content to voters with specific psychological traits.

Closer home, Cambridge Analytica was found to have played in a role in the 2010 Bihar Legislative Assembly elections. Apart from this, both Congress and BJP are said to have worked with the now disgraced agency to use analytics and glean insights about Indian voters.

 

In today’s digital age, where data has become the new currency, netizens have risen in numbers against loss of private and sensitive information, and misuse of the trust they had on Facebook. In fact, in March 2018, the growing negative perception of the social media giant led to a $60 billion drop in market capitalization.

 

Mark Zuckerberg, Facebook’s CEO has since testified before the US Senate Judiciary and Commerce committees, apologized for Facebook’s lapse and has vowed to enforce stronger data protection policies.

Given this atmosphere of absolute disregard for user data privacy, are mobile apps stealing your personal data? Is your data safe? How does your data get leaked anyway? Let’s explore in this blog post.

 

How is data leaked and what happens with it?

As per ProofPoint, mobile app data theft risks can be categorized as:

apps stealing your personal data - three levels of risks

Let’s look at a few examples of how your data can be stolen by mobile apps without your knowledge:

Unwanted ads – Madware

Beware of free apps. When you are unable to ascertain how a mobile app makes money most probably you and your data are being monetized by being targeted with ads. Madware is a much more aggressive version of advertising. Madware disrupts user experience and potentially exposes sensitive information such as location, contact information and device identifiers to cybercriminals. It enters your phone when you download an app and makes changes to browser settings automatically, allowing ads to pop up over all sorts of apps.

Location and internet access for targeted adds

Sometimes apps can seek location and internet access even when they don’t require it for functional purposes. In such cases, if you provide permission without understanding about it, your location might get tracked and you will receive location-specific ads over the internet. There have been incidents where even with the GPS being off, device location was tracked using cellphone towers, accelerometer and other features without the user’s permission.

 

Monetary loss – keystroke logging

Your bank accounts may be compromised if confidential data such as passwords and access codes can be read from the phone by malicious mobile apps. Some apps demand permission to SMS and call records. Such apps may employ keystroke logging to gather information such as credit card numbers, bank account passwords and more.

 

Echo Chambers and Political Manipulations

Psychology has always been a tool for politicians to turn collective minds in their favour. Fake news is spread, hate speeches are made to instigate reactions that complement their party’s agenda. But with social media, some political strategists have gone a step further. They use illegal means to collect social media data of millions of users using apps, to analyze and form psychological traits that will sway voting choices.

It is apparent that hackers are employing various new ways to get hold of your private data for their personal gains. That politicians have jumped into the fray is distressing. Given the dangers of security lapses and data theft, what can app developers and we as users do to remain vigilant and cautious? Read our next part – Are mobile apps stealing your personal data? Part Two – to know more.

Close Bitnami banner
Bitnami