How to prevent attacks by hackers using Bluetooth pairing to get to your personal information

ByJason Knowles and Ann Pistone WLS logo
Wednesday, February 21, 2024
How to safely connect to Bluetooth devices, protect your information
Criminals are finding ways to take your personal information with Bluetooth pairing. The I-Team has tips to keep your personal information safe.

OAK PARK, Ill. (WLS) -- We all use Bluetooth technology to connect our phone to devices and make it easy for others to send us links and pictures.

Bluetooth connects devices over a radio frequency. But we hear about Wi-Fi risks all of the time, so how safe is your Bluetooth connection?

"In the first couple of seconds we already have 73 different devices," NowSecure Tech Security Expert Andrew Hoog said. "We are here in suburban Oak Park people walking by there have been over 150 devices in the past few minutes."

Hoog used Open-Source software to walk down the neighborhood. The software is meant for IT departments to spot problems. But like anything, it can be misused.

"If they want to do a Bluetooth attack they are going to try to find all of those devices that are close by they will click on that device," Hoog explained.

Using Bluetooth to hack devices is also known as a Blueborne attack, in which hackers look for vulnerabilities in smart phones, and try to connect to them to get hijack your personal information.

"If they are able to connect a keyboard to your device they now effectively have what we call a hands-on keyboard," Hoog said. "That's really what an attacker wants. They can use your device, and they will be able to control it."

To avoid being hacked, make sure to update your phone's software. Hackers could also try to gain access to cars, cameras, wireless earbuds and medical monitoring systems.

The Open-Source scanner Hoog used even found lightbulbs that were connected to Bluetooth.

"What if it's the lock to your house? What if it's your garage door opener?" Hoog said.

SEE ALSO: Scammers file fake federal tax return with H&R Block online, try to steal family's $10K refund

"You should turn off open-Bluetooth pairing, after you set up those devices and update software," Hoog stressed. "Also when, naming your phone or device, don't use your name. If I am a hacker I want to see what devices are around me and if it says 'Andrew Hoog's iPhone,' I just learned some really important information. I know who the person is and I can research."

Also beware of what's called Bluejacking. That's when someone tries to send you a malicious link via Bluetooth, which can install malware or phish for information.

"One of the tricks they use with Bluejacking is spam you a lot with links, and fool you only once and you say 'yes' and they are connected to your device," NordVPN Security Experts Adrianus Warmenhoven said.

One click could compromise you, Warmenhoven added.

To protect consumers, Apple recently set an automatic 10 minute limit on the iPhone's ability to receive links and pictures from people not saved in your contacts via Bluetooth.

Finally, watch out for Bluesnarfing. That's when phones ask if you want to connect to a nearby Bluetooth device. Experts said those devices could be traps set by scammers who want to dig.

"They could get your contact lists, your messages, but they also might control different aspects of your car," Warmenhoven said.

RELATED: How to protect your personal info when you have a smartphone and smart car

Hoog added everyone should treat all Bluetooth risks like a phishing email.

"Attackers are very creative and there are lots, and lots of different ways and they will find the cracks and they will get in,'' Hoog said.

The Bluetooth Special Interest Group said it provides developers tools to make sure communications between Bluetooth devices are secure, and the group works with security experts to address any vulnerabilities.

Again, make sure you are always updating software on devices. If your phone is old and can't be updated you may have to get a new one.

To protect yourself from many of the Blue-threats, you could just completely turn off your Bluetooth.