Trapped in hacker’s web

As more people share their personal details online, experts say that privacy is a myth. Only recently, it was reported that the personal identity, including Aadhaar numbers and other sensitive information of several people was leaked. At a time when data is crucial, any personal information can be used against an individual. 

Sonia S uninstalled the Sarahah app after she received a message that read, “I am able to see all the unsernames of anonymous senders on sarahah spyer website.”  The 29-year-old says that while she would like to know the names of the people who sent her the messages, she does not want her identity to be revealed to others. “I might just lose my job, because I sent a very critical message to my boss and he might not be pleased with my feedback,” she says.

The core idea of the app is to send honest feedback to co-workers while being anonymous. But the app has grown to be one of the most downloaded apps. Many people on social media say that they have uninstalled the application from the phone, after the rumours of account hacks. Following this, Sarahah on its Twitter account announced, “Sarahah would like to clarify that all messages about revealing the sender’s identity are fake.” 

Social media expert Sorav Jain says, “Not only Sarahah, but the sites that ask you to submit the Sarahah ID and password for revealing the identity of the person who sent you the message — those are the ones you should be wary of. Also, this is not a new thing. Earlier, there was  sayat.me, which became popular on Instagram but it never gave the option to make posts out of the feedbacks received. Sarahah on the other hand, gives people the option to make a post out of feedback and this is what has made it popular,” says Jain, adding, “I also believe there are many who are annoyed with Facebook updates in their timelines. I assume soon Facebook will launch ‘hide all from Sarahah app’ option, so that the platform is clean for people who don’t like it.” But cyber experts say that any app that comes for free has a catch to it. “At the end of the day, it is all about business and the makers get to have all the data. Any app is like a spy within the phone, absorbing all the data. A gaming app like the Angry Birds takes all the information from the phone. It would be naïve to think that such apps are hack-safe,” says cyber expert Karthikeyan N. 

These hacking threats cannot be taken lightly as there have been reports of Facebook founder Mark Zuckerberg’s social media accounts being allegedly hacked more than once. 

There are several ways in which a hacker can pool in data from the information available on social networking sites and other applications. “Usually, the security feature should be part of the architecture of building the software, but what usually happens is that developers build a software and slap the security feature, which becomes vulnerable to hacking,” says Karthikeyan. 

However, ethical hackers say privacy is a myth and the smallest of details available online about you can be used against you. “When we download any app, they ask you to allow the app to access the call logs, location and other data. Some of them even ask you to make calls and send messages. These may seem harmless but all that data is stored somewhere and can be accessed and are mostly traded,” says a tech expert and ethical hacker, who did not want to be named. 

Hackers use the personal data to access bank and other accounts of their victims. “Most of us have our ATM pins or bank account codes as our date of birth or the birthday of someone close to us. If these details are easily accessible, then it would not take long for a seasoned hacker to get the account details,” the hacker says. “There is something called the ‘Dictionary Attack’ where someone can gain access to anyone’s computer system, by using a set of words to generate potential passwords. One has to go through the social media profile of a person to know their interests and people important to them, to guess passwords,” he adds. 

Though talks about privacy and social media have been going on for years, every year, millions of users download apps for self-validation. Mental health experts are increasingly dealing with patients of internet addiction. “I have clients coming to me who feel emotionally low if they do not get  ‘likes’ and ‘comments’. I had a patient who wanted me to help perk-up her social media image. I have had people whose marriages broke up because of a WhatsApp message,” says Dr Mini Rao, the city based psychologist. “Like any other addiction, this too has withdrawal symptoms. People are so addicted for the validation through social media, that when asked to stay away from it, they just cannot and it is a dangerous trend,” she adds.

Scripts of the popular TV drama Game of Thrones, along with the phone numbers and email IDs of the actors were leaked recently and a link to India was examined.

Ransomware, a malware that  prevents a user’s access his/her data until a ransom is paid in Bitcoin. Computers in over 150 countries have been affected.

An IIT Kharagpur graduate was recently arrested for allegedly hacking the central identities data repository of the Unique Identification Development Authority of India’s (UIDAI) Aadhaar project. He allegedly gained access to the data through the Digital India e-hospital initiative of the Ministry of Electronics and IT.

Facebook founder Mark Zuckerberg’s social media accounts have allegedly been hacked more than once.