What Seniors Need to Know About Bluesnarfing

The wireless technology known as Bluetooth was first introduced in 1998 for exchanging data between devices over short distances (up to around 33 feet) and creating personal area networks. For example, many people use Bluetooth-powered wireless headphones or speakers to listen to music from their phone or tablet. If your desktop computer has a wireless keyboard or mouse, chances are it is connecting to your computer through Bluetooth technology. If you have ever used the “AirDrop” feature to share pictures from your iPhone to another Apple device, you were using Bluetooth.

Bluesnarfing is a wireless hacking technique in which a cyber-attacker illegally accesses a Bluetooth-enabled device (such as a phone, tablet, or laptop) without your permission. From their own laptop, the hacker can then gain access to your calendar, contact list, messages, photos, passwords, and other data without ever touching your device. They can even change settings and install malware, which could result in ID theft or fraud.

Bluesnarfing is especially concerning because of its “unknown” element – although Bluesnarfing was first discovered in 2003, those who have never heard of it simply don’t know that they need to protect themselves against it. But knowledge is power: once we learn of a problem, we become aware of the dangers and learn how to protect ourselves.

How does it work?

If you are in public (for example, using your phone in a doctor’s office waiting room) and have Bluetooth turned on in your device settings (as most of us do), a cyber attacker within range of your network – around 30 feet – may be able to illegally access your phone. Here’s another example: you’re sitting in a coffee shop with your granddaughter looking at pictures on her laptop, when she suddenly remarks that it seems that someone is controlling her computer. A cybercriminal in range has done a network scan to find devices that have a discoverable Bluetooth connection. Through that active connection, they have found that this laptop’s security is vulnerable, and have begun to transmit data from that laptop to theirs. Although visibly taking control of someone’s device is possible, these criminals may also gain access without the user ever seeing or knowing it has happened.

Cyber criminals are able to use your information for a multitude of reasons, including stealing your identity, data mining to sell your information to others on the dark web, and gain entry to your financial accounts. They may even make calls or send texts to people in your contact list.

How can I protect myself against Bluesnarfing?

1. Check your default Bluetooth settings. When you are not using Bluetooth, turn it off, or make it non-discoverable or hidden.
2. Do not leave Bluetooth-enabled devices unattended. For example, if you were to leave a Bluetooth-enabled phone or tablet in your vehicle while you run into a store, a hacker in a nearby car could access your unprotected network.
3. Never accept Bluetooth pairing requests from devices you do not recognize. If you are pairing a new device for the first time, do it at home, not in public.
4. Keep your confidential and personal data such as financial documents or password lists safe in a device that does not use Bluetooth, such as your desktop computer at home.
5. Always be sure that your mobile device has the latest update, as these updates tend to address security weaknesses and offer new protections in the form of software updates.
6. Use a PIN to lock your device when not in use and always use strong passwords (a combination of uppercase and lowercase letters, numbers, and symbols.) If you have a difficult time remembering passwords, consider using an encrypted password manager such as LastPass to store your data.

Thanks to upgraded security features and built-in authentication in newer Bluetooth devices, Bluesnarfing attacks are on the decline. Keep in mind that if you have an older device, it may have a higher vulnerability, since it doesn’t have the benefit of newer security.