• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

5 Places Where You’d Never Expect to Get Hacked

October 28, 2020Art Martori

27
SHARES
FacebookTwitterSubscribe

For every gleaming new IoT device that hits the market, a hacker somewhere is figuring out how to compromise it. Today, even routine activities can land you in the sights of a bad actor.

Imagine what a bad day could look like in this era of ubiquitous connectivity… it’d play like some dystopian grindhouse film.

What an appropriate way to head into Halloween and conclude Cybersecurity Awareness Month! If you’re ready for a good cyber-scare, let’s look at five real-life scenarios where you’d never expect to get hacked — but just might.

1. Waiting to check out

It’s a busy morning at the grocery store and six people are in line ahead of you. The person in front exclaims she’s lost her credit card, and then apologetically moves toward the back of the line. You find it strangely un-Covid as she brushes by you and other shoppers.

In her hand she holds what appears to be a mobile device.

It’s actually an RFID scanner.

These portable devices are widely available online for around $1,000USD and let the holder read data from RFID chips within a few feet away. Theoretically, a bad actor could enact the above scheme to steal the credit card data of the five people behind her in line.

While this threat makes a great headline and has spawned an entire RFID-protection industry, many experts say it’s not much of a reality — as risks far outweigh rewards. Our fictional RFID skimmer would be caught on security footage and probably featured on the evening news.

At any rate, this scam would only work on first-generation RFID chips, and those are a few years old by now.

2. At the coffee shop

Looking forward to a chill morning answering emails, you grab a secluded spot at your go-to coffee shop and fire up that laptop. You recognize the open public WiFi but, curiously, it directs you to a login page for your Google account.

Weird, but whatever. It’s time to get this morning started. You enter your credentials and get to work.

You’ve just fallen victim to a pineapple router.

These $99USD devices plug right into a hacker’s computer and within a few minutes can be configured to execute a number of attacks. In the sitcom Silicon Valley, we saw pineapples deployed to mimic a website. And in Mr. Robot, they used them for a man-in-the-middle attack, eavesdropping on the FBI.

Pineapple protection is really a matter of paying closer attention to the WiFi networks you use. Open networks that don’t require passwords should be avoided whenever possible.

You should also turn off your device’s WiFi when you aren’t using it, and deactivate the settings to remember frequently used networks and connect automatically. This reduces the chances a pineapple can replace a legit network without you realizing.

3. In the kitchen

Your chill morning at the coffee shop turns into a productive lunch, and by dinner it’s clear you deserve a glass of wine. Pouring a nice red, you scan the display on your IoT wine sleeve, perusing the selection’s acidity and food pairings.

The wine cartridge is almost empty, but c’est la vie. The sleeve will automatically order a new one. This nifty feature is also available on your water filter in the fridge.

Somewhere from the darkest reaches of the web, a hacker also raises a glass. He’s just compromised your home network and is impressed by your taste in wine — and the balance of your checking account.

While the wine sleeve never made it to market, the water filter sure did. IoT devices like these can quickly cough up your sensitive data if a bad actor gets into your home network.

Keep hackers away from your smart devices by creating a secure home network. Keep an eye on the passwords you use for home network and IoT devices alike. If you haven’t already, familiarize yourself with the best practices for password strength.

And, obviously, make sure the passwords are different for your WiFi and all the devices connected to it. (Goes without saying… right?)

4. Going to the bathroom

It’s been a long day. And what better way to wind it down than by brushing away all the coffee and wine that powered your productivity? Good thing you just got that IoT toothbrush.

As you brush, a live feed displays on your mobile device, highlighting your technique and any spots you might’ve missed.

Somewhere, in another, darker reach of the web, a hacker is also evaluating your brush game. It’s not about sensitive data this time, just straight-up creepiness.

As you can imagine, content depicting unsuspecting victims is quite a prize — not just for people who are into that kind of thing, but also bad actors looking to sell it.

Secure these types of devices just like they were that wine sleeve. Lock down your home network, increase password security, and make sure bad habits don’t lay out a welcome mat for hackers.

5. Even in bed

Time to call it a day and do it all over tomorrow. That kind of hustle requires a good night’s sleep, the kind of sleep assured by your smart thermostat. It cools down the room as you crash out, and then raises the temp slightly once you’re asleep, preventing any shivery wakeups.

If you have any doubts this could be a threat, try spending a winter in Finland. By inviting the Internet of Things into your most private space, you risk getting hammered, unawares, by everything from data theft, to voyeurism, to ransomware.

Conclusion: Pay attention when and where you’re connecting

Ever notice how those scary B-movies tend to have a moral? Maybe ours should be this: The promise of a better, more convenient life can make it easier convincing ourselves that risks either don’t exist or have already been addressed on our behalf by someone else.

Here at Sucuri, we’re always preaching that security is a continuous process. Technology gets released, hackers figure out a way to compromise it, and then you figure out a way to stop the hackers. Repeat, ad infinitum.

That’s not to say you should avoid cool-looking IoT devices that could make your life more awesome. This is just a reminder to be conscious of when and where you’re connecting, and then to take the appropriate measure to ensure you’re keeping secure.

 

27
SHARES
FacebookTwitterSubscribe

Categories: Security EducationTags: home network, IoT

About Art Martori

Art Martori is Sucuri’s Copywriter who joined the company in 2019. His main responsibilities include developing content to highlight Sucuri’s products and services, and to educate the public about website security. Art’s professional experience covers more than a decade of journalism, creative writing, and marketing. When Art isn’t drafting blog posts or writing web pages, you might find him riding his motorcycle or hunting for new restaurants. Connect with him on LinkedIn.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.