Skip to main content

Phishing on Home Voice Speakers

In the News 

Home speakers have another potential privacy blunder. In New Way Found to Use Alexa, Google to ‘Voice Phish’ and Eavesdrop on Users, Elizabeth Montalbano at ThreatPost discusses how Alexa Skills and Google Actions can be manipulated to infringe on the privacy of its users. Montalbano details that through these speaker additions, attackers cannot only listen to users when the device is not requested, but also use the information they overhear to access various password and account information. Montalbano emphasizes the need for caution when having conversations near these home speakers.  

Our Take 

Home speakers help millions of people find ease in their daily routines and have provided a technological solution for many tedious daily tasks. However, this added support increased user comfortability with these devices in their homes and near their daily conversations. While a complete level of privacy should not be lost with the use of home speakers, recent discoveries have shown that these devices come with serious privacy flaws. Now, using a home speaker requires one to acknowledge that privacy is not a guaranteed factor with the use of the product. As such, being mindful of what you say and share with or even near a home speaker is crucial to maintain your information privacy. Similarly, in order to keep your information secure, maintain good password habits and frequently change your unique passwords to avoid any potential account breaches.
 

Recommendations 

How can you better protect your personal data when using a home speaker?   

  • Refrain from sharing highly sensitive information over the phone, a speaker, or a messaging service  
  • Don’t reuse your account passwords, and take advantage of multi-factor authentication whenever possible 
  • Ensure that you are running the most secure version of a program, app, or system by updating your devices regularly 
  • Check your email, financial accounts, and credit reports regularly for abnormal activities       
  • Stay up to date on the news regarding recent fraud and phishing attacks to see if you may have been affected 

Leave a Comment