May 7, 2014
How Do Celebrities Get Hacked?
Celebrities. They’re just like us! They’re susceptible to the same mobile threats as normal people are, like phishing and malware. Plus, famous people are likely at more risk for targeted hacking attacks. The personal info on their devices—contacts, pictures, emails—is not just sensitive; it can be very valuable fodder for the tabloids. If only those People’s Choice Awards came with Lookout’s Five Tips engraved on the side!
Here are the top ways we speculate famous people get their phones and sensitive contacts and photos compromised.
They click on links from "friends."
Celebrities: they have friends, too! Celebs can be targeted in “spear fishing.” Scammers can trigger an email or Facebook post appearing to come from a trusted friend or relative, rather than a run-of-the-mill, shady Nigerian prince, prompting a celeb to unwittingly download malware or give up private, sensitive information. Phishing attacks can be even more effective on mobile than on desktop PC because you likely can’t see the majority of the link due to the small form factor of your mobile device (in fact, research has shown that users are three times more likely to click on a suspicious link from their phone as opposed to their PC).
They use the same password everywhere, or none at all.
We speculate the News of the World voicemail hacking scandal was made possible because many people choose very simplistic voicemail codes (1111) or never even take the time to change the factory default voicemail PIN number on their devices. This makes it very easy for hackers to listen to voicemail messages that are stored on cell phone carrier’s servers.
In addition to setting a different voicemail passcode, make sure to have different passwords for different online accounts and also set a passcode to access the device itself. Sure, the extra second seems like a hassle for every time a celeb wants to check for email from her agent. But think about all the apps like email and photo gallery that you can access right from the phone’s dashboard. Without a passcode on a celeb’s phone, a paparazzo-cum-pickpocket could swoop in on an unsuspecting celeb and get easy access to all the good stuff.
They use the free WiFi at the coffee shop.
Whenever you see famous people in the tabloids, they always have some coffee beverage in one hand and their phone and keys in the other. It stands to reason that celebrities, just like us, relish saving on network data charges and tapping into the free, public WiFi at the coffee shop. They should be sure to only “window shop”: look but don’t log in to websites on public WiFi. These WiFi signals often send data unecrypted, in the clear. So if you’re logging into Amazon or your bank on public WiFi, it’s a little bit like sending your passwords through the post in a clear envelope. It doesn’t take the smartest hacker to grab this sensitive data off the air.
They use phones with known software vulnerabilities.
You’re a busy celeb. You have a reality show to tape, a children’s book to write, a restaurant to open, and Oscar™ to polish. You don’t have time to download the latest system updates for your phone, right? Wrong! Make sure your phone has all the latest firmware updates, because the updates often fix known security bugs. In fact, back in 2005 when Lookout was known as Flexilis, the three co-founders made news by standing outside the Oscars, where they were able to scan as many as one hundred phones whose sensitive data could be stolen by exploiting known network carrier vulnerabilities.
It can be a little disappointing to learn that famous people are not so different from us normal folk. On the bright side, you don’t have to be famous to get first-class smartphone security when you follow a few simple precautions.