Search This Blog

Powered by Blogger.

Blog Archive

Labels

Shoulder Surfing: What is it and how to Protect Yourself?

Shoulder surfers can target anyone, whether they use an iPhone or an Android device, and especially if they use a simple 4-digit PIN.

 

The Wall Street Journal reported last month on a recent trend in phone theft: Thieves in major cities want more than just expensive smartphones; they also want the users' PINs. What's the reason? A stolen phone may fetch a good price on the black market, but the financial information stored behind your phone's PIN can be worth tens of thousands of dollars more. 

The most common method for a thief to learn a phone's PIN, or passcode, is "shoulder surfing," which means the thief literally observes the owner entering their phone's PIN and then decides to steal that person's phone. After stealing it, the thief can use the observed PIN to unlock it, then change the PIN and even account passwords for the owner's online services.

After stealing it, the thief can unlock it using the observed PIN, then change the PIN and even account passwords for the owner's online services, effectively locking the owner out of remote tracking of the stolen phone and removing their ability to remotely delete data from the stolen device. That PIN also grants the thief access to numerous financial apps on the stolen phone, which he or she can then use to transfer money from the victim's accounts.

Shoulder surfers can target anyone, whether they use an iPhone or an Android device, and especially if they use a simple 4-digit PIN to unlock their phone, as the majority of people do.

But it's 2023, and with so much personal data (photos, notes, and messages) and financial data (bank apps, money transfer apps, photos of tax records or other financial statements) on our phones, protecting all that sensitive information with a 4-digit PIN is asking for trouble. Fortunately, there are simple methods built into the iPhone's iOS and Android operating systems to protect your device from shoulder surfing. Here are things you should be aware of.
  • Cover the ATM keypad when entering your PIN.
  • Use strong passwords, a single sign-on password manager, two-factor authentication or biometric authentication for an added layer of cybersecurity.
  • Don't verbalize sensitive information over a mobile device in public.
  • Use a screen protector for public computers or laptops.
  • Lock your devices whenever you leave them.
  • When entering data on a cellphone in a public place, sit with your back to the wall.
Share it:

Cyber Security

Data

Data Safety

Safety

Security