I recently presented to local
If you are looking for the highlights, I’ve listed the major threats and some protection advice below. The best protection method is to always think before clicking, whether installing an app or following a web link.
Hidden and Fake Apps
While Google Play and Apple’s iTunes/App Store have security guidelines in place for app developers, users are still vulnerable to fake or hidden apps on their mobile devices.
One method is for scammers to send a text message with an invitational link to download an app. This app may look like a legitimate banking app and the text may appear to be from a national banking chain, but the app may be specially designed to trick you into entering your banking credentials and other passwords. This threat is especially prevalent in the Android market. Take time to look up the app in the app store, read reviews and download statistics, and check the app description for grammatical errors or typos.
Popular games like Fortnite also create a flurry of fake apps and add-ons. As Epic (developer of the popular Fortnite game) moved the game outside of the Google Play store for Android users, opportunities developed for scammers to advertise their version of the Fortnite game. You should always download games and apps directly from the app store or game developer website.
Home (Invasion) Assistants
The McAfee report also indicates that many smart home assistants (Amazon Alexa, Google Home) are setup with minimal security settings. The password may be weak and insecure, the wireless network itself may be easy to hack, or failure to run firmware upgrades on your IoT devices might allow hackers to use known vulnerabilities.
As IoT device offerings continue to grow in the home-device market, it is important to do your research and make sure you are buying a product with a reputable security controls. An off-brand product may be taking advantage of explosive growth in the market to offer a cheaper product with little security oversight.
Tools that allow users to segment or subnet their home network are increasing in ease-of-use and availability. Most business networks will have some items in a subnet, to increase network efficiency and prevent open communication to specific types of devices/users.
Read The Manual
While your 12-year-old may be able to add devices to your wifi if you provide the username and password, there is often more to setup than just network access. Read through the installation manual, look online for an authorized support forum if you have questions, and make sure that you know how to check a log of activity on your device. Constant (network) connection also requires constant vigilance.
Leslie is Marketing Manager at ITS, with a background in K-6 Education. She enjoys designing classroom activities and presentations that help students develop an interest and awareness in IT Security.