August typically equates to one thing in most of the Northern Hemisphere…a heatwave. As a person with no air conditioning and very loud Black-Crowned Night Herons outside my bedroom window, I have often had to determine the lesser of two evils between sleeping with industrial-strength earplugs and the window open or waking up every morning so sweaty one would thing I owned a leaky waterbed.
Consequentially, I have spent a fair amount of time dreaming of air conditioning, or even better a smart thermostat that I could use to lower the temperature in my apartment to a cool 67 degrees and then bundle up in soft blankets.
When thinking about the Internet of Things (IoT) and otherwise connected devices, you likely don’t immediately go to fraud. Why would someone hack a thermostat? As a prank? As an ill-fated murder attempt? The answer (at least one of them) is ad fraud. That’s right, your smart TV, smart refrigerator, smart thermostat…basically any appliance in your house that is ‘smart’ and connected to the internet, has an IP address. Those IP addresses can then be used to target ads that are controlled by hackers that are actively leveraging your household appliances to get filthy rich one click at a time. This may seem fairly innocuous, but if you dig a bit deeper you will learn that an unsecured device can be very unsafe.
We spoke to TeleSign’s Guillaume Bourcy last year about connected devices and the internet of things. In the article, he contends that there are devices people use every day that might be susceptible to fraud but they might not even know it, a good example would be your car.
“While connected devices are often associated with the physical world, it’s important to remember that they are also tied to accounts and the real people behind those accounts. Believe it or not, fraudsters can hack your car. They can remotely kill your engine or track you for nefarious purposes.”
The main vulnerability of many of these connected devices is the accounts that are directly associated with them.
Think of your smart doorbell. You can use it to see when packages are delivered, check to see if it's a friend or solicitor that comes calling on a Saturday. You do this from an app on your mobile device. If that account falls victim to an account takeover, your appliances can start actively working against you and maybe a fraudster starts monitoring when you leave your home so they know when to rob you.
These vulnerabilities can be negated with verification and digital identity solutions that secure accounts from unauthorized access whether or not they are tied to a connected device. While IoT devices have been created with the idea of making our lives simpler, it's a friendly reminder that anytime we connect ourselves to the internet, fraudsters view this as one more opportunity to cause us harm. Look around you, there are probably dozens of devices in your house that have internet access, are they all secured? The truth might surprise you.
In addition to digital identity, consider adding secure and challenging passwords to accounts and safeguarding your login credentials. Also always add 2FA.
In the meantime, stay safe (and cool) during these dog days of summer. I know I will, my (non-smart) fan arrives tomorrow.
TeleSign has been connecting and protecting online experiences for over 15 years. We support the largest web properties in the world and we’re prepared to help you. Contact TeleSign now and for all of your security needs. As the pioneers of phone-based security, we are a one-stop-shop for all of your digital identity and programmable communications needs.