While this was going on since 2016, it was only in 2019 that WhatsApp found out and released a patch, indicating a serious lapse in cybersecurity.
While companies are increasing their spends on cybersecurity, data breaches show that clearly this is not enough. One of the prominent names entangled in this scandal is WhatsApp. The company recently announced that it had certain accounts affected by Pegasus software. While this was going on since 2016, it was only in 2019 that WhatsApp found out and released a patch, indicating a serious lapse in cybersecurity. While Google has been the leader in bug bounty programmes—it has spent over $15 million in the last decade—Facebook, despite a larger base and a wider range of products, has spent $7 million. Not just tech giants, even companies such as Zomato and Dropbox have not done enough to protect their user data. To be sure, users are also to blame for this mishap, most keep the same passwords across apps allowing hackers to gain access to services. Here are a few apps and services that can help you keep a clean bill of health, especially while transacting online or over the phone.
Who wants to remember 30 passwords for 15 apps? For most people it is easy to remember a single password or a combination rather than remembering all. They are also the ones who are most likely to suffer breaches. While most would not know if their email has been breached until there is some suspicious activity or money siphoned off, a good way to check this is a nifty little website called haveibeenpwned. The website tells you if your mail has figured in any of the breaches, and what data was stolen during those times. While it is not sure-shot, it does give you an inkling of what to do. Best is to change your password and keep a separate password for each app. There is a notify feature wherein any breach will get reported to you.
Although haveibeenpwned is the oldest service, it is not the only one. You can also check for breaches at breach alarm. DeHashed, however, has a different model. Instead of a focus on just email addresses, DeHashed can tell you if your name has appeared on any of the hacked lists. You can search your usernames, address, basically everything, to see if any of the services that you have been availing have been hacked.
Another method is to check who is tracking your activity. Ghostery is the perfect plug-in for your Firefox and Chrome needs. Just download the plug-in and Ghostery shall start working. Although the service acts as an ad-blocker, it also works as a smart advertising tracker. You can know who was tracking you where. There is an option for switching off Ghostery for certain services. If you are afraid of logging onto fake and dummy sites, Ghostery can be a good option.
Apps & services focused on privacy
As most people operate services via their mobile devices, it is important to make sure that malicious apps and services do not land on your mobile phone. Although Google Protect scans most apps for any malicious use, it does not show the app permissions and accesses that are needed. AppCensus and Exodus Privacy can help scan your phone for any privacy violations. As most apps vie for more permissions than required, they can tell you the data that you have agreed to give these apps.
AppCensus is a service that helps you find what personal information apps collect and where they send it. The user interface is simple: Search for the app, and AppCensus will provide information on three parameters—data flows, device identifiers and data recipients. Data flows show what kind of information is used by an app, device identifiers indicates how the app can recognise you, while data recipients indicates who all are receiving this data. Exodus Privacy scans all apps that reside on your phone providing information on data transfers and permissions by app developers.