Is my smartphone listening to me? How to stop targeted ads and hackers
Sometimes I feel like I spend all day avoiding attacks on my digital identity. I wake up to sneaky text messages asking me to click on links. I delete them. Brush my teeth.
Open my email and voila! Fake contest emails—from my own email address, no less—telling me I won everything from a drill to a Yeti cooler. I delete them too. By noon, I’ve silenced at least half a dozen robocalls, and at least once a day I see a Facebook ad for something I recently talked to my husband about—is Siri eavesdropping on me, too?
I’m obviously not alone. With so many scams floating around, we’re all starting to see privacy risks around every mouse click, even where they might not exist, like in a Snapchat filter.
The recent midterm elections and the upcoming Black Friday/Cyber Monday online shopping extravaganza have only intensified these concerns. If you haven’t received at least a hundred unsolicited text messages—again, with sketchy-looking links—consider yourself lucky.
Where is all this going? Are we forever doomed to a future of digital paranoia, and the threat of cybercrime, stolen money, identities or worse? Is there a way to break free from all these shady spammers, scammers and thieves?
The good news is: It’s all a lot less scary when you realize what’s going on.
Now you know:7 default settings tech companies never want you to change
An email from myself?
I get emails from myself all the time…only I never sent them. They are often small scam messages claiming that I have won something or that I have unclaimed funds somewhere. Or even more annoyingly, that I’ve been hacked “watching porn” on my laptop and better pay – or else.
Spoiler alert, it’s not about watching porn or getting hacked, these are among the most common threats.
You will probably get these as well. No doubt it’s disconcerting to see your own email address in the “From” line, but how does it happen?
Unfortunately, it’s simple. The email addresses that are filled in when you open an email are rarely verified, especially if you use a free email service. By using a less secure Simple Mail Transfer Protocol (SMTP) server, a fraudster can just type in whatever they want the “To” and “From” addresses to say.
Someone using one of these servers—a scammer can just set one up himself—can make an email look like it came from anyone, including you. It really is that simple.
As annoying as it is to change an email service, you can avoid these fake emails and eliminate a whole lot of spam and scam messages by switching to a secure email provider.
ProtonMail is popular these days. It’s free for a private email account, and since it uses more advanced protocols than most free services, it detects fake emails so you don’t have to.
Online fraud targeting veterans and active duty members. How to protect yourself.
Oh, passwords. I don’t know of a single person on the planet who actually likes the password system, but there’s no way around them…or is there?
“Passwords have been the standard mechanism for authentication since the dawn of computer technology,” Bob Eckel, president and CEO of Aware, a biometrics software company based in Massachusetts, tells me via email.
“They do not require additional or special hardware, there are no compatibility issues and they are a cost-effective option for companies and enterprises of all sizes, which is why they remain the best for identity or authentication use today.”
The biggest problem with passwords is that they are far less secure now than they were a couple of decades ago. Modern hackers use more advanced techniques, and most of us don’t practice good password hygiene, such as using a different password for each account.
If you use your birthday, maiden name, pet’s name, or one of the most easily hacked passwords on the planet, like 1234, or “password,” you’re just asking to be scammed.
Companies like Apple and Google pioneered new methods of securing digital devices like smartphones and even laptops, but individual accounts for the millions of apps we all use still require passwords. Our own fears and apprehensions are a large part of the reason why certain biometric technologies are not catching on as quickly as they could.
RNC Sues Google Over Email Spam Filters: Claims “bias against Republicans” ahead of midterms
“Certain segments of the public, such as baby boomers, continue to be weary of facial authentication; instead, they are much more susceptible to fingerprints. Therefore, we must continue our mission to educate both organizations and consumers about the technology and special techniques used to make facial authentication highly safe, secure and accurate,” says Eckel.
While we wait for passwords to catch on, using features like Apple’s “Sign in with Apple” can effectively bypass many app login requirements and use your smartphone as the default for verification.
It’s also much more convenient than making up a new password for every app, and lets you use FaceID or TouchID (depending on your device) to sign in to just about anything.
The man who lied about being a millionaire: Fake Navy SEAL stole up to $1.5 million in romance scam, DOJ says
Is Siri listening?
Do you ever see an ad for something you were just talking to a friend about, within earshot of your phone?
It’s easy to assume that since our phones are constantly listening to us — waiting for the trigger word, like “Hey Siri,” “Ok Google,” or even “Alexa” — that they might be working behind the scenes to serve us relevant ads. It’s not quite right, but it’s not too far off either.
“Our phones are designed to listen, first and foremost, to help us practically, which may explain why you might be shown ads that are directly related to a conversation you just had,” adds Eckel. “It’s similar to how search engines work by tracking your activity to ensure it provides the most relevant results.”
But it’s important to note that Apple, Amazon and Google have all stated that they treat the audio from their respective virtual assistants with the utmost security and privacy.
Tab congestion? How to control what happens when you start the browser
You may get a relevant ad on your computer, related to a voice message if you choose to search Amazon’s marketplace using, say, Alexa, but having a background conversation with a friend is not why you get these ads.
The more likely scenario is that your desktop or mobile searches triggered an advertising algorithm to suggest the relevant products to you.
I know it may seem creepy and weird, but unless the big three companies are lying through their teeth – and security researchers haven’t caught them yet – it’s just a coincidence and a cleverly designed ad system.
It’s not you, it’s them: Google, Alexa and Siri can answer even if you haven’t called
Steps to be safer online
What can you do about it all? Here are some simple steps you can take to search for information online as privately as possible these days:
- Use a privacy-focused search engine that doesn’t collect as much data about your habits as Google. Options here include DuckDuckGo or Brave Search.
- Disable your Mobile Ads ID on your smartphone and tablet, and block ads in your laptop and desktop browser. By default, most smartphone apps collect tons of data about your behavior. There are easy ways to disable these features in the settings on iPhone and Android running Google’s operating system.
- Use an ad blocker like Ghostery or AdBlock Plus.