202.5

Hackable Holidays: Turn off the ‘Big Three’ in crowds to prevent cellphone hacking

Visitors use their cell phone cameras to capture the moment of the 2016 National Tree lighting. Experts warn consumers should rely only on cellular connections to prevent themselves from being hacked in large crowds. (AP Images)

This is the third part of WTOP’s consumer series Hackable Holidays, which explores privacy concerns associated with smart devices and how consumers can better protect themselves this holiday season.

WASHINGTON — When people break out their phones in places such as the mall, or even a holiday concert, this season, they could be making themselves vulnerable to hackers. Experts suggest changing three settings to better protect personal information in a busy place.

“Most people don’t even know that something has happened until … you get a call from your bank saying, ‘Did you make a purchase in Florida?’ when you are in D.C.,” said Akil Muhangi, with the digital evidence unit of the D.C. Department of Forensic Sciences.

He suggests consumers change how they use their cellphones when going to a busy place this holiday by turning off the big three: Wi-Fi, Bluetooth and location services. If it’s easier, Muhangi said, switching it all over to airplane mode could spare you from a crime of opportunity.

“It’s discoverable. So if your Wi-Fi is on and your Bluetooth is on, it can come up on someone else’s phone or computer. There may be some person sitting in the mall with a computer in a bag, waiting to capture as much information from passers-by as possible,” he said.

A scam could be executed by tricking shoppers to opt into an open Wi-Fi network.

“If something pops up on your screen, make sure you read whatever those notices are before you just click ‘OK.’ It’s certainly possible that somebody might try to connect to your phone from their unauthorized Bluetooth device and you just click OK; you’re a sitting duck,” said CBS News technology analyst Larry Magid, who is also a CEO of connectsafely.org.

Take any identifying information, such as your name, off the Bluetooth on your phone and change it to something unique, Magid says. That will make it harder for a hacker to identify you as the device’s owner, which nearly happened to him at a conference.

“Somebody created a Wi-Fi network that was one digit away from my Wi-Fi, and I think that they were trying to do is to get me to click on that and trick me into logging into their Wi-Fi network, in which case they could own my computer,” Magid said.

The inconvenience of reconfiguring settings and then having to remember to change them back might keep some people from closing their phone off to Wi-Fi, Bluetooth and location services. But keeping cellular on is an option; Magid says it’s a more secure connection that still allows people receive calls and texts.

It’s the reason why, if you need to do any mobile shopping or banking, Magid suggests consumers only use a cellular connection.

“If I’m shopping online from a coffee house, I’ll use my phone or I’ll connect my computer to my phone through tethering, rather than connect my phone to public Wi-Fi, because that is a very insecure environment,” he said.

The Big Three of cellphone safety

WTOP's Megan Cloherty | Nov. 29, 2017

Download audio


Like WTOP on Facebook and follow @WTOP on Twitter to engage in conversation about this article and others.

© 2017 WTOP. All Rights Reserved.



Advertiser Content