Over 60% Dating Apps Detected Unsafe by IBM Security – Popular Dating Apps Making Users Vulnerable to a Variety of Cybercrimes.
Mobile Dating apps are used by millions on their smartphones because in today’s dating-oriented culture these apps allow singles to find love interests conveniently. Various apps like Tinder, Match and OkCupid have garnered immense fan following lately thanks to their photo sharing, instant messaging and geolocation services.
In a year 2013 study, Pew Research Centre found that around 31million Americans have used or are using dating app(s).
However, latest analysis from IBM’s security researchers reveals that users of such apps may get exposed to theft, spying and even hacking. According to IBM’s study, 26 out of 41 apps, which were investigated on Google’s Android mobile platform, showed medium to high level security vulnerabilities. This means, more than 60% of the leading dating apps for mobiles are potentially vulnerable to different types of cyber-attacks.
“All the vulnerabilities identified can allow a hacker to gain access to a phone’s camera or microphone even if the user is not logged into the app. This means an attacker can spy and eavesdrop on users or tap into confidential business meetings,” according to IBM.
Considering the fact that a majority of these apps can access additional features like the microphone, camera, GPS location, storage and mobile wallet billing information, it is understandable that users become exploitable easily for hackers.
IBM, however, refrain from naming the vulnerable apps but it has informed the app publishers about the issues detected in their apps. Employees from nearly 50% of the companies, which were examined for this research, used vulnerable dating apps making the company prone to hack attacks.
Why Dating Apps Expose Users to Cyber Attacks?
The reason is that users usually don’t care about security issues while using dating apps considering them as safe. According to IBM Security vice president Caleb Barlow:
“Many consumers use and trust their mobile phones for a variety of applications. It is this trust that gives hackers the opportunity to exploit vulnerabilities like the ones we found in these dating apps.”
Another reason is that employees use the same phone for personal and professional use, which is known as the “bring your own device (BYOD)” phenomenon. This makes both the user and the firm exploitable. IBM’s report analysed that:
“The trouble with BYOD is that if not managed properly the organizations might be leaking sensitive corporate data via employee-owned devices.”
How can a Compromised Dating App pose Threat?
A compromised app can be hugely advantageous for the hackers since on dating sites users are eagerly waiting for feedback from their love interest and hackers can easily send them fake “phishing” emails/messages to retrieve sensitive data, install malware or conduct theft. Such as, hackers can use a
phone’s webcam or microphone to eavesdrop and overhear conversations or they can remotely control the phone through an app thus, acquiring confidential business data. GPS data also becomes vulnerable and may lead to user being stalked, personal conversations and text being exposed and billing information hacked. This leads to fake online purchases on websites too.
Recommendations from IBM:
IBM recommends that users of dating apps limit the divulgence of personal information and instead try to use unique passwords on all of their online accounts. Moreover, they need to install latest software patches timely and gain knowledge about the permissions required by every app they use. Barlow explains:
“Consumers need to be careful not to reveal too much personal information on these sites as they look to build a relationship. Our research demonstrates that some users may be engaged in a dangerous tradeoff – with increased sharing resulting in decreased personal security and privacy.”
You can read the complete report in PDF below: