Publications
Partners
Cape Town - Love might be in the air as Valentine's Day approaches, but so are cyber criminals intent on identity theft and access to your bank account.
According to IBM, that's just what can happen. The company found that nearly 60% of Android dating applications are vulnerable to cyber attacks.
"With over 1 000 dating sites in South Africa, the potential for information to get into the wrong hands through an innocent romantic encounter, is real," IBM said.
The company used its AppScan Mobile Analyser to check functionality of hundreds of dating applications and found that most allowed potential criminals to collect valuable personal information.
Unlike traditional social networking tools such as Facebook, people generally use dating apps to meet strangers. But that opens them up to risk as it is difficult to ascertain the intentions of people you don't know.
Evil intent
In particular, IBM found that GPS technology could be exploited by criminals. GPS location data is also commonly used by dating applications to match people with those close to them.
"IBM found that 73% of the 41 popular dating applications analysed have access to current and historical GPS location information. Hackers may capture your current and former GPS location details to find out where you live, work or spend most of your day," the company said.
People with evil intent are also able to use your smartphones against you if the app allows access to the device's microphone and camera - sometimes even when the app isn't running.
"Several identified vulnerabilities permit hackers to gain access to your phone’s camera or microphone, even when you’re not logged into dating applications. Such vulnerabilities can allow attackers to spy and eavesdrop on your personal activities or tap into data that you capture on your cell phone camera in confidential business meetings," said IBM.
Be cautious about revealing your location data on mobile applications. (Duncan Alfreds, Fin24)
The company said that some common attacks were used to allow unauthorised access to smartphones or mobile devices.
They include cross site scripting, debug flag-enabled exploits and phishing attacks. These are used so that a cyber criminal can gain access to software and hardware features of your smartphone, allowing them to either install malware or steal your identity.
"If the person who you're engaging with online refuses to provide the same basic information that s/he asks of you, if their photos and profile appear too good to be true, if their profile information doesn't seem to align with the type of person you're communicating with, trust your instinct and move on," IBM warned.
Permission check
You should also check your smartphone regularly for potentially rogue apps. To do this, install F-Secure App Permissions or similar free program.
The software will scan your installed applications and search for apps that have permissions that may cost money (send SMSs) or have access to your personal information.
Some apps have access to your personal information. (Duncan Alfreds, Fin24)
You can also use the software to filter permissions. For example, you can check which apps can write to your storage, send SMSs and make calls by bypassing the built-in dialler.
"When you're fortunate enough to have found your special someone, go back to the dating site and delete or inactivate your profile rather than keeping your personal information available to others," IBM said.
- Follow Duncan on Twitter
