Cybersecurity company ESET investigated the ways users could compromise their data through common application services and came up with seven types of dangerous applications.
We deal with our own personal data on a daily basis, as well as the digital information of our employers, employees, colleagues and customers. While public data can be easily accessed by anyone looking for it, many types of digital information need to be carefully handled and protected. Some of these may be internal data, confidential data such as ID numbers, restricted data such as legally protected data. Cybersecurity company ESET investigated the ways users could compromise their data through common application services and came up with seven types of dangerous applications.
The most common applications and the associated risks
Many people skim through the Terms and Conditions of Use before using a new app or signing up for a new service.
Free translation apps
Translation applications have to process a lot of information to translate it into the target text. While translating a particular word is okay, when it comes to translating an entire paragraph or document, the problem can be exponential. Be careful what data you enter into translation apps. Be wary of free apps without a license.
File conversion apps
These applications may need to handle sensitive data in uploaded documents. So always use only pre-approved apps.
Common calendars
Common calendars usually contain contacts from the phone book. To share your program with someone, you need at least that person's email address. Therefore, if they are not reliable enough, these applications may create a KVKK problem. Some common calendars can be quite confusing for their users. That's why users; they may not be sure what data they share with whom, whether they share their calendars with only those they want to send it to, such as coworkers, or whether they have made their schedule available to a stranger.
Note-taking apps and diaries
These apps mostly depend on why you want to use them. If you only use note-taking apps to make shopping lists, it's not as dangerous as using them to take notes from a business meeting or memorize your password. Also, you should use a password manager, not another app, to memorize your password. It is also worth noting that these apps allow you to add images, video or audio recordings to your notes, which could lead to another data leak.
Public file sharing apps
In addition to providing access to sensitive information, many public file sharing applications are cloud-based. A data leak can occur if that cloud service provider or your account is subject to a breach. However, some file sharing applications can be used with transparent encryption solutions. It is also recommended to do this to increase your data security.
Messaging apps
Messaging applications; It allows a series of actions such as file sharing, phone calls, video calls, sending messages and recording audio. As a result, many permissions need to be granted on your mobile device, including requesting access to your camera, microphone, and data in your memory. Also, some messaging apps do not encrypt the information they collect. Therefore, when these applications are compromised, attackers gain access to all collected accessible information, including sensitive information. There is also a difference in how these applications offer security in terms of encryption. Most messaging apps encrypt data (data in motion) during a transmission over the internet. However, some messaging apps offer extra security by using end-to-end encryption. With the end-to-end encryption method, the messaging application service provider cannot decrypt messages, but only the communicating parties can decrypt them.
Remote access applications
Need to check on your dog while at work? Or do you want to turn on the heating system before going home? Remote access applications allow you to do this. However, these applications can also work in the opposite way, and you may never know who is managing whom. Remote access services can act as a portal for outside criminals to enter and manipulate your device and steal data stored on your device.