Is Your WebCam a Peeping Tom? How Your PC’s Camera Can Be Hacked To Spy On You.

webcam spy

Virtually every computer sold today comes with a dirty little secret.

It can spy on you.

What’s more, if hackers can infect your computer with malware they can hijack your webcam and secretly watch you too – regardless of whether they’re based down the street or on the other side of the world.

In some cases, if they’re really sneaky, hackers can even spy on you without the LED on your webcam lighting up.

If you have a webcam – and almost undoubtedly you do if you have a cell phone, pc, laptop, tablet or home (or commercial) camera security system with an Internet connection – then you are at risk of being hacked via your camera’s IP address.

All a hacker needs to do is figure out where your camera is located, and then a stalker can watch your every move.

Luckily, however, there are ways to protect yourself from unsavory or unwanted people spying on you in your own home or business.  We will teach you how to easily protect yourself from being covertly observed without your consent.  But first, let’s explore how a webcam hack can occur. (The more you know, the less vulnerable you are.) For the purpose of this instructional, we will refer to a pc but this information also applies to all of your other electronic devices with cameras.

How Can A Stalker Hack Your Webcam:

To get on your computer, hackers use a remote access tool, or a RAT. If you’ve ever had a tech support rep access on your computer remotely to change settings or try to fix a problem, they used a RAT.

Fortunately, RATs require your permission to let someone on to your computer remotely; the person can’t just take control. That means a hacker has to trick you into letting them on to your computer, and there are several preventable ways they do that.

How Do Hackers Trick You Into Accessing Your PC:

To get a RAT on your computer, hackers have a number of tricks: fake email attachments or malicious links , Trojan viruses, phony tech-support calls, and so forth. Once you’ve been tricked into running a file, clicking a link or otherwise  inviting them on to your system, they will take control and spy on you at will.

Think you are too tech savvy to fall for scam email? Click anywhere on the below indented paragraph to take this quick quiz from our friend, tech goddess Kim Komando, to see if you, like 80% of those surveyed, will fail to distinguish between real email and phishing scams.

Back in December, CBS News joined forces with Intel Security to create a quiz where readers can test their knowledge on phishing emails. The quiz consisted of 10 different emails in which readers simply need to decide: legitimate email or phishing email?

Surprisingly, out of nearly 20,000 people quizzed, 80% fell for at least one of the phishing attempts. Only 3% got a perfect score.

What about you? Take the quiz and see how you do. 

How Can You Spot a RAT?

(Our first line of advice is to avoid unsolicited email attachments and links, run up-to-date security software and thoroughly vet anyone who contacts you claiming to be tech support for a major, known company. Also, you may not know that Windows has a RAT built in. Almost all Windows OS versions contain a RAT for ease of access for real tech support.)

Firewall and Antivirus Software

Firewall software blocks incoming and outgoing port connections, so they are your number one defense against RATs. Firewalls combined with antivirus software catches most threats.

View Processes Running

Right-click your Windows toolbar and select “Task Manager.” Click the “Processes” tab in Task Manager. This window gives you a list of programs running on your machine. Review them for any strange names or names that you don’t recognize as typical programs. If you don’t recognize the name, type it into Google. Several sites tell you if a process is malicious, so you know if you have a RAT on your system.

Odd Startup Programs

In some cases, the hacker might want another program to start when you boot your computer. If you notice any strange programs that start up when you boot your computer, you might have a RAT. These secondary programs are usually malicious software also, so you’ll need to remove them when you remove the RAT.

View the List of Installed Programs

Open Windows Control Panel and view the list of programs installed on your computer. If you notice any odd programs, then it could be malicious. In fact, the popular software TeamViewer used to collaborate remotely with people is often used as a RAT. If you didn’t install it on your computer, you should remove it. This application gives remote access to authorized and unauthorized people.

Slow Internet Connection

If you normally have fast speeds but lately your Internet connection is extremely slow, you should first check the router and wireless connection. However, if the hacker is downloading information from your computer, he uses the bandwidth and creates noticeable lag on the network. If you suspect that someone is remotely accessing your computer, the fastest way to stop it is to disconnect from the Internet.

A security recommendation, protect any and all access to your electronic devices with a really strong password.  This first line of defense has a very high success rate in keeping out most hackers.

BNI Operatives: Situationally aware.

As always, stay safe.

 

 

 

Identifying and Reporting Cyber Harassment

(We’re wrapped up in several serious cyber harassment cases at the moment and are sharing several tips on how to handle these type situations that cross over into criminality.  All too frequently we feel our hands are tied in trying to protect ourselves, our businesses and families from this type of harassment but in reality, the reporting protocol for these type incidents already exists.  Below is information on how to report cyber harassment.)

Cyber harassment refers to the malicious use of technology to willfully and deliberately harass or harm another individual or entity.  Cyber harassment can qualify as a federal crime.  Undoubtedly though, it is a scary experience for the victim. If you are in fear of imminent danger to your welfare or that of  others,  call 911 immediately to report the harassment.

Instructions  

1.  Determine whether you are the victim of cyber harassment. The lines between genuine cyber harassment and general nuisance are blurry, so it can be difficult to substantiate a claim of Internet harassment. If someone is threatening you with violence and you genuinely fear for your safety and well-being, you might meet the criteria of being a victim. It is important to note that hacking, cyber spying and cyber stalking are not forms of Internet harassment. The first two are not necessarily criminal activities, depending on the nature of the offender’s behavior, and the latter is a separate crime, which should be reported and addressed differently than cyber harassment, defined by the Federal Anti-Cyber-Stalking Act.

2.  Do what you can to reduce or prevent further Internet harassment from occurring. This includes changing your email address, screen names and member names for instant messaging programs and social networking websites; applying private settings to your profiles and websites that currently are public; and ceasing all contact with the person who is harassing you. You must demonstrate that you have taken steps to stop the person from harassing you. If you communicate continuously with the individual who is harassing you, your chances of  being able to report and stop Internet harassment will drop significantly.

3.  Gather as much information as you can about the individual harassing you. This can prove to be quite difficult given the anonymous nature of the Internet, but technology allows law enforcement to track down anonymous harassers by using multiple methods. Develop a log that includes email addresses, screen names, and website and social networking profile URLs that belong to the person/people harassing you. Save and print emails and conversations, create “screen grabs” or screenshots of websites or profiles with threatening or malicious content, and keep track of the offender’s every attempt to contact you. A detailed log containing dates, times and places will help you immensely when you report cyber harassment. If possible, also try to locate and write down the offender’s Internet Protocol (IP) address.

4.  Contact your local law enforcement agency and ask to report cyber harassment. Use the police department’s non-emergency (administrative) telephone number or visit in person to make your report. Be prepared to provide information you have detailed in your log.   If you know the offender’s (even general) location, you can contact his local police department or file a report with both precincts. Be sure to get a copy of any police report you file.

5.  Contact your local FBI field office if your local police department is unable to or uninterested in pursuing your report. You can locate your local office using the FBI’s field office locator online, or ask you local police department for the information. Always attempt to make a report with your local police department before contacting the FBI, unless you have reason to believe the harassment is terroristic in nature,  (e.g., the offender is threatening to plant a bomb or commit a school shooting).

6.  Contact a cyber harassment watch group for more assistance. While your matter is under investigation, you can contact an organization such as WiredSafety for further assistance and general support. Note that this type organization is not a governmental or law enforcement agency and you should not rely on these private groups as an alternative to law enforcement authorities.

As always, stay safe.