{"id":17723,"date":"2020-02-13T09:10:06","date_gmt":"2020-02-13T17:10:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/02\/13\/news-11458\/"},"modified":"2020-02-13T09:10:06","modified_gmt":"2020-02-13T17:10:06","slug":"news-11458","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/02\/13\/news-11458\/","title":{"rendered":"Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams"},"content":{"rendered":"

Credit to Author: Malwarebytes Labs| Date: Thu, 13 Feb 2020 16:36:45 +0000<\/strong><\/p>\n

Research and reporting on this article were conducted by Labs writers Chris Boyd<\/a>\u00a0and David Ruiz<\/a>.<\/em><\/p>\n

Dating apps have been mainstream for a long time now, with nearly every possible dating scene covered\u2014casual, long-term, gay, poly, of the Jewish faith, interested only in farmers\u2014whatever you’re looking for. Sadly, wherever you find people trying to go about their business, you’ll also find others quite happy to intrude and cause problems.<\/p>\n

Multiple pieces of research regularly highlight<\/a> potential privacy flaws or security issues with dating apps galore<\/a>. All this before we even get to the human aspect of the problem\u2014no wonder online dating is exhausting.<\/p>\n

Breaking into online dating circles<\/h3>\n

Dating apps are an unfortunate juicy target for cybercriminals, who will use any vulnerability\u2014from software to psychological\u2014to achieve their goal. Because it’s important to remember: Dating apps store more than just basic personally identifiable information (PII)<\/a>. They include sensitive data and images people might not be comfortable sharing elsewhere, which gives cybercriminals added leverage for blackmail, sextortion<\/a>, and other forms of online abuse.<\/p>\n

To start, the dating apps and sites themselves may not be safe from prying hackers looking to slurp user details. There\u2019s the infamous 2015 compromise of cheating site Ashley Madison<\/a>, or last year’s badly-timed announcement from dating app Coffee Meets Bagel, who informed users about a data compromise<\/a> on Valentine’s Day.<\/p>\n

How about location-based dating apps, like Tinder? In 2019, location-based dating app Jack’d allowed users to upload private photos and videos, but didn’t secure them on the backend, leaving users’ private images exposed to the public Internet<\/a>. Now combine that with the ability to pinpoint a user’s exact location or track them on social media, and the end result is rather frightening.<\/p>\n

Finally, online dating can wreak havoc in the workplace, too. If your organization supports a bring your own device (BYOD) policy, security vulnerabilities in dating apps could cause additional risk<\/a> to your own reputation, as well as the company’s networks and infrastructure. (Though to be fair, you could argue \u201cadditional risk\u201d is part and parcel of any BYOD policy<\/a>.) A 2017 study by Kaspersky<\/a> found that mobile dating apps were susceptible to man-in-the-middle attacks, putting any data or communications with the enterprise conducted via mobile device in danger.<\/p>\n

Hints and tips for safe online dating<\/h3>\n

There are too many dating apps and websites out there to be able to give granular advice on privacy settings and security precautions for each and every one. However, a lot of security advice in this area is about common sense precaution, just as you would while dating in the real world. Many of these tips have been around forever; some require a little cybersecurity education, and a few rely on newer forms of technology to ensure things go smoothly.<\/p>\n

Time to go hunting<\/h4>\n

Deploy some Google-Fu: One of the very first things you should do is a search related to your prospective date. There may well be multiple alarm bell\u2013ringing search results for a troublesome dating site member all under the same username, for example. Or you could stumble upon multiple profiles begging for money on different sites, all using the same profile pic as your supposed date.<\/p>\n

Checking photos and profile pics is a good idea in general. Use Google image search, Tineye<\/a>, and other similar services to see if it\u2019s been swiped from Shutterstock or elsewhere. It\u2019s possible lazy scammers may start using deepfake images<\/a>, which will be even harder to figure out, unless you read our blog and see some of the ways you can spot a fake.<\/p>\n

Stay in on your night out<\/h4>\n

Don\u2019t go outside the theoretical safety boundary of the app you’re using. This is one of the most common scam signs for any form of online shenanigans. Mysterious free video game platform gifts sent in your general direction? Surprise! You must receive the gift via dubious email link instead of the gaming platform you happen to be using. Making a purchase from a website you just discovered? Suddenly, you need to make a wire transfer instead of paying online\u2014and so on.<\/p>\n

Many dating apps restrict how much profile information you can reveal\u2014that\u2019s a good thing. However, that layer of privacy protection won’t work as well as it should if you\u2019re convinced by a scammer to pass along lots of PII through other means. If the person on the other end of the communique is particularly insistent on this, that’s a definite red flag\u2014for malware and<\/em> for dating.<\/p>\n

Hooking up with social media<\/h4>\n

A well-worn point, but it bears repeating: Sharing dating profiles with social media platforms<\/a> may well open your data up to further scrutiny, thievery, and general tomfoolery. Your dating profile may be nicely locked down, but that approach again loses value if tied to public profiles containing a plethora of information on you, your friends, and your family. This just isn\u2019t a risk worth taking.<\/p>\n

Sharing is not always caring<\/h4>\n

Keeping your own dating data disconnected from social media platforms is just one step in protecting your sensitive information. Another step is awareness. When using dating apps, you should spend some time looking at their privacy policies and settings, as well as looking up news stories on them online, so that you know where your data is going, who is sending it around, and why.<\/p>\n

For example, last month, the Norwegian Consumer Council revealed how the Android apps for Grindr, Tinder, and OkCupid sent sensitive personal information\u2014including sexual preferences and GPS locations\u2014to advertising companies, potentially breaching user trust.<\/p>\n

The nonprofit’s report<\/a> shone light on the digital advertising industry\u2019s efforts to collect user information and channel it through a complex machine to find out who users are, where they live, what they like, who they support in elections, and even who they love. By analyzing 10 popular apps, the report\u2019s researchers found at least 135 third parties that received user information.<\/p>\n

Users\u2019 GPS coordinates were shared with third parties by the dating apps Grindr and OkCupid. GPS \u201cposition\u201d data was shared with third parties by the dating app Tinder, which also shared users\u2019 expressed interest in gender. OkCupid also sent user information about \u201csexuality, drug use, political views, and much more,\u201d the report said.<\/p>\n

As to who received the information? The answers are less familiar. While Google and Facebook showed up in the report\u2014both receiving Advertiser IDs\u2014the majority of user data recipients were lesser-known companies, including AppLovin, AdColony, BuckSense, MoPub, and Braze.<\/p>\n

\"Infographic<\/p>\n

There\u2019s no cure-all to this type of data sharing, but you should know that privacy advocates in California are on it, having already asked the state\u2019s Attorney General to investigate whether the data-sharing practices violate the California Consumer Privacy Act<\/a>, which just came into effect at the start of this year.<\/p>\n

General OPSEC tips<\/h3>\n

Operational security, or OPSEC<\/a> for short, is pretty important as far as online dating is concerned. Some of the basic cybersecurity hygiene steps that we encourage our users to perform in their day-to-day business can help thwart unwanted digital access or steer you clear of physically dangerous situations. Here are a few examples:<\/p>\n

Passwords, passwords, passwords<\/h4>\n

We all know password reuse<\/a> is bad\u2014across dating sites, apps, or any accounts\u2014but depending on personal circumstances, it may also be bad to recycle usernames. If you don\u2019t want people you\u2019d rather avoid in the future tracking you down on social media, remember to use random names unrelated to your more general online activities.<\/p>\n

While we’re on the subject, there are several other best practices for password security that we recommend, such as creating long passphrases that are unrelated to your name, birthday, or pets. If you can’t remember 85,000 different passwords<\/a>, consider storing them in a password manager and using a single master password to control them all. If that seems like putting too much power in the hands of one password, we recommend using two- or multi-factor authentication.<\/p>\n

The point is: Don\u2019t reuse passwords on dating sites. There may be a plethora of intimate messages sent on these platforms, more so than on most other services you use. It makes sense to lock things down as much as possible.<\/p>\n

Stranger danger<\/h4>\n

Meeting a date in person for the first time? Tell other people where you\u2019re going on your date beforehand. It’s a basic, but invaluable safety step\u2014especially if you have no way of vetting your date outside of the dating app constraints. Let your insider know the name\/profile name\/and anything else relevant to your date that might help them track you later, if necessary.<\/p>\n

Also, try to obscure your literal latitude and longitude or home address from a virtual stranger before you get to know and trust them. Dating apps have taken those spammy \u201chot singles in your area\u201d ads to their logical end point. Hot singles in your area really would be beneficial where dating is concerned, so why shouldn\u2019t apps allow you to search on factors related to distance? However, on the flip side, this does rather tip your hand where revealing your general location is concerned.<\/p>\n

So while your date will have some sort of idea as to where you\u2019re based, you\u2019ll want to have your first meeting(s) somewhere other than \u201cthe bar at the end of my street.\u201d A little travel goes a long way to blocking some crucial details. Oh, and consider using public transport or your own vehicle to get to and from the date.<\/p>\n

Ring, ring<\/h4>\n

If possible, don\u2019t hand over your main phone number\u2014especially when such a thing may be tied to SMS 2FA, which can lead to social engineering attacks on your mobile provider. If your mobile is your only phone, consider using a disposable phone specifically for dating that isn\u2019t tied to anything important.<\/p>\n

If that\u2019s out of the question, you could try one of the many popular online services which provide their own number\/voicemail.<\/p>\n

Play it safe<\/h3>\n

After reading all of this, you may think that between potential security vulnerabilities, privacy exposures, and contending with awful scammers that it\u2019s not worth the hassle to bother with online dating. That’s not our intention.<\/p>\n

As long as you follow some of the advice listed above and keep in mind that dating apps can be compromised just like any other software, you should have a safe online dating experience. Just remember that anything you communicate online has the potential to drift offline\u2014after all, that’s the whole goal of online dating in the first place.<\/p>\n

Good luck, and stay safe out there!<\/p>\n

The post Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Malwarebytes Labs| Date: Thu, 13 Feb 2020 16:36:45 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
We give advice on safe online dating, including steering clear of scams, buttoning up on privacy, and avoiding vulnerable apps.<\/p>\n

Categories: <\/p>\n