If you own a smartphone—and it’s quite likely that everyone reading this does—you’ve probably experienced a strange yet commonplace situation: One day you chat about a random subject with your phone nearby, and the next day you suddenly see ads related to that very subject. It’s a bit unsettling. How do these advertisements know what you were discussing?
Your smartphone could be the reason. Every smartphone comes with a built-in microphone that’s always on so the virtual assistant can hear your voice commands. So, is it possible that these devices are also secretly listening in on your conversations to serve you ads? Here’s everything you need to know, along with a simple test to check it out.
How can you determine if your phone is listening to you?
To find out if your phone is eavesdropping on your conversations, start by discussing a unique topic that you have never previously searched for or talked about with your phone turned on next to you. It’s essential that this topic is unrelated to your usual interests or search habits.
Spend a day or two talking about this subject out loud with your phone beside you the entire time. Ensure that you don’t look up this topic on any of your devices—not just your smartphone.
You can also bring up specific aspects related to this topic. For instance, if you’re talking about a trip to Spain, you might discuss learning Spanish or the best restaurants for paella in Madrid.
During this time, pay close attention to the ads you encounter online—ads on social media platforms, websites you visit, apps you use, and even those on your smart TV if applicable. Then, if you start seeing ads about the topic you opted to discuss, it’s likely you have confirmed eavesdropping and caught your phone in the act.
What should you do if you suspect your phone is eavesdropping?
Before considering drastic measures like covering the microphone and camera on your device or getting rid of it altogether, there are some simpler actions you can take to reduce potential eavesdropping.
The first step is to carefully examine the app permissions on your device. It’s possible that you’ve downloaded an app and inadvertently granted it access to your microphone. Review the permissions for each app on your phone and restrict access for apps that don’t require it for the microphone, camera, or location settings.
Next, clear your voice history and deactivate your phone’s digital assistant. Google, Siri, and Alexa are all quite handy but may be recording everything you say without your knowledge.
Just last year, 404 Media reported that a third-party company named Cox Media Group (CMG) was collaborating with companies like Amazon, Google, and Microsoft using “Active Listening” technology.
Although these companies have since denied using this technology to spy on mobile users, it’s important to recognize that such capabilities exist, and it would be naive to think that companies wouldn’t exploit avenues to market to consumers more effectively—after all, advertising is a major source of their income.
Finally, while companies are the most likely source of eavesdropping, hackers may also take advantage of vulnerabilities on your device to gain control of the microphone or camera. The best defense is to ensure you have the latest updates for both your phone’s operating system and all installed applications.
All these steps will help limit unwanted access to your phone’s microphone, but if you’re still uncertain, there’s an easy solution: simply turn off your phone or leave it behind when you wish to discuss confidential matters. This is the most effective way to guarantee that your phone can’t hear you.
If your phone isn’t eavesdropping, how does it obtain your data?
Although the idea of your phone constantly listening to every conversation can be disturbing, there are numerous ways that you may be unintentionally revealing the same information without speaking it aloud.
Each smartphone serves as a rich repository of personal data that various apps can draw from. These devices function as miniature computers packed with sensors: gyroscopes, accelerometers, magnetometers, and nearly any other type of sensor imaginable.
The information gathered from these sensors can yield an astonishing amount of data about our routines, behaviors, and personalities.
Every place you go, the people you interact with or spend time with, your lifestyle choices, and even personal health information are just a few examples of the metadata and telemetry—data from phone sensors—collected by your device. Additionally, consider the extensive data you’ve provided over the years to your apps and through Google searches.
Your mobile device and the apps you’ve installed collect a vast amount of data and transmit it to third parties, like data brokers, for analysis, resale, and ultimately for you to see as tailored advertisements.
Therefore, even if you haven’t discussed or searched for that trip to Spain, your phone might have deduced your interest based on its collected data. Perhaps your friends were looking up Spanish AirBnBs while you were nearby, or you’ve recently started using Duolingo to learn Spanish, or maybe your purchasing habits indicate a recent increase in buying saffron and jamón.
Any of this metadata might explain the strikingly relevant ads you’re encountering. While it’s possible that your phone is truly eavesdropping, it could simply be the unseen data you’re revealing in various ways that gives it away.
We all appreciate our smartphones and the countless ways they connect us and simplify our lives. However, some of the applications that you enjoy and depend on could potentially expose you to risks. In a time when sharing everything online has become common, it’s easy to overlook the importance of privacy, but it’s crucial to remember that it takes very little information for someone to commit identity theft or even access your banking accounts. We have compiled information on some of the most troublesome apps so that you can make an informed choice about which ones to trust with your privacy and which ones you should remove. The problematic ones often fall into one of these top mobile security threats.
Proactive protection
You can avoid a lot of future problems by taking some straightforward steps before downloading any apps, according to Caleb Barlow, former VP of IBM Security and current CEO and president of CynergisTek. “Only download mobile applications from legitimate stores,” he advises, mentioning Google Play and the Apple Store. Once you’ve found authentic apps to download, “be diligent about permissions and regularly review application permissions. Disable permissions that are unnecessary for the app to function correctly.” Here’s how to secure apps in case someone physically accesses your phone.
It’s also wise to conduct a bit of research beforehand. Barlow suggests looking into how many reviews an app has before downloading it. Ideally, every app you add to your phone should have already been tried and reviewed by a large number of other users.
CamScanner
Ana Bera, a cybersecurity expert with Safe at Last, flagged CamScanner, an application designed to mimic a scanner using your phone, as one that consumers should be wary of. “Cybersecurity professionals have detected a malicious component within the app that functions as a Trojan Downloader and continuously collects infected files,” she states. “Such apps can severely harm your phone and should be uninstalled immediately. Fortunately, once you remove it, it is unlikely to continue causing you issues.”
Although there are safer alternatives that offer the same features as CamScanner, Bera notes that “the app merely imitates a real scanner, so you can always revert to using the traditional device.”
Weather apps
“Examine your weather app,” recommends Shayne Sherman, CEO of TechLoris. “Numerous weather applications have been found to contain Trojans or other types of malware.” While the least harmful of these suggests that it collects information merely for weather accuracy, he finds that concerning. “Instead, rely on your local forecast, and if you’re using Good Weather, remove it immediately,” he advises. “That app is particularly hazardous.”
Flashlight apps
You might not have expected this one. “Free flashlight apps often pose significant cybersecurity threats,” explains Harold Li, vice president of ExpressVPN, a consumer privacy and security firm. “Many of these apps are free but supported by ads, and they frequently ask for permissions like audio recording and access to contact information to function properly. By installing these apps, users risk exposing their personal data to app developers who profit from selling this information to advertisers.”
Li recommends deleting these apps altogether. He also suggests updating your passwords for any social media or email accounts on your phone. Additionally, you can contact these companies and request the deletion of all your data. In line with certain laws in various countries and states, consumers have the right to have their data erased.
While Li couldn’t suggest any safe alternatives, he did emphasize: “It’s 2019, and most phones already come equipped with a built-in flashlight feature, so there’s generally no need to download another free app that could be harvesting and selling your data.”