If you use your phone for more than just calling, like for accessing your social networks and for paying online bills, then beware as you could get hacked. Yes, you heard me. The way you hold your smartphone while entering your password is all that hackers need to crack your credentials to steal your personal and financial information and to blackmail you.
According to Dr. Maryam Mehrnezhad, Researchers at Britain’s Newcastle University said it is easy for hackers to guess your PIN and password by knowing how to hold your phone, how you type, tilt or even swipe or by monitoring the motion sensors found inside nearly all smartphones. Hackers can crack four-digit PIN with 70% accuracy on the first guess and 100% accuracy by the fifth guess.
Also Read: 7 Ways How Hackers Plan Their Attacks
“But because mobile apps and websites don’t need to ask permission to access most of them, malicious programs can covertly ‘listen in’ on your sensor data and use it to discover a wide range of sensitive information about you, such as phone call timing, physical activities and even your touch actions, PIN and passwords.”
“More worrying, on some browsers, we found that if you open a page on your phone or tablet which hosts one of these malicious codes and then open, for example, your online banking account without closing the previous tab, they can spy on every personal detail you enter”.
As we all are aware of the problem but no solution has been found yet, as per Dr, Maryam Mehrnezhad “There is no uniform way of managing sensors across the industry they pose a real threat to our personal security,” she said. And even if we did deny access to a browser altogether, “we don’t want to lose all the benefits associated with in-built motion sensors.” However, users can protect themselves by using applications from the trusted sources and changing the Pin and password on regular basis.
As no one wants to compromise their privacy and security, people often worry about connecting to public Wi-Fi networks or bypassing the fingerprint sensors.
Here are few ways to protect your web accounts and online financial institutions.
- Create high entropy passwords.
- Always use one-time passcode generators.
- Disable online access to your wireless account.
- Use different passwords for different accounts.
- Try to use Google Voice.
- Keep your cell phone operating system and apps up to date
Researchers have already informed the browser makers (Apple, Mozilla Firefox and Google) about the sensors vulnerability. however, no one has come up with any solution so far.