Looking for love this Valentine’s Day? Remember: safe online dating requires good hygiene. Digital hygiene.
A new study released this week by IBM found over 60 percent of leading dating Android mobile apps they studied are potentially vulnerable to a variety of cyber-attacks that put personal user information and corporate data at risk. Fully 26 of the 41 dating apps they analyzed on the Android mobile platform had either medium or high severity vulnerabilities, according to IBMs ratings. The same goes for the safety with online casino apps where it’s important to scrutinize the safety of individual apps in order to find the casinos with the best reputation in this department.
The study has implications for both individuals and corporations, which now routinely allow employees to “bring your own device” for work. That means company data is intermingled with online dating apps that might not be safe.
Here’s what IBM found:
- Dating App Used for Malware: The anticipation of receiving interest from a potential new date is just the sort of moment that hackers thrive on – when users let their guard down. Some of the vulnerable apps could be reprogrammed by hackers to send what seems like a message that asks users to click for an update or to retrieve a message that, in reality, is just a ploy to download malware onto their device.
- GPS Information Used to Track Movements: IBM found 73% of the 41 popular dating apps analyzed have access to current and past GPS location information. Hackers can capture a user’s current and past GPS location information to find out where a user lives, works, or spends most of their time.
- Steal Credit Card Numbers From App: 48% of the 41 popular dating apps analyzed have access to a user’s billing information saved on their device. An attacker could gain access to billing information saved on the device’s mobile wallet
- Take Control of a Phone’s Camera or Microphone: All vulnerabilities identified can allow a hacker to gain access to a phone’s camera or microphone even if the user is not logged into the app. This means, an attacker can spy and eavesdrop on users or tap into confidential business meetings.
- Hacker Can Hijack Your Dating Profile: A hacker can change content and images on the dating profile, impersonate the user and communicate with other app users, or leak personal information externally to affect the reputation of a user’s identity. This poses a risk to other users, as well, since a hijacked account can be used by an attacker to trick other users into sharing personal and potentially compromising information.
“Consumers need to be careful not to reveal too much personal information on these sites as they look to build a relationship with another user on these dating apps,” said Caleb Barlow, Vice President, IBM Security. “Our research demonstrates that some users may be engaged in a dangerous tradeoff – with increased accessibility resulting in decreased personal security and privacy.”
It’s not easy to adjust privacy settings on most apps — many won’t work if you turn off certain features — but users should at least restrict app access to location information as much as possible. Obviously, with an app like Tinder, which lets users find potential makes who are nearby, that’s not possible, so use your judgment.
Most critically, users should avoid revealing too much in dating profiles. Even something innocuous like a pet’s name could make someone more vulnerable to a hack later — many sites use pet’s name as a security question. And don’t forget, online dating profiles can remain online long after you’ve found love. It’s good data hygiene to remove profiles when they aren’t necessary any longer. It’s probably good for domestic tranquility, too.
Be the first to comment