IBM
Business Tech & Wireless

IBM: Dating Apps Pose Security Risk

March 24, 2015

By Mae Marie, Close-Up Media Staff Writer

For those thinking about using a dating app to look for a last-minute date for Valentine’s Day, you want to think again, reports IBM.

The company said that its analysis indicates that more than 60 percent of the leading dating mobile apps that it studied are potenti ally vulnerable to a variety of cyber-attacks that put personal user information and corporate data at risk.

According to IBM, the study reveals that many of dating applications have access to additional features on mobile devices such as the camera, microphone, storage, GPS location and mobile wallet billing information, which in combination with the vulnerabilities may make them exploitable to hackers.

Businesses also are at risk: IBM found that nearly 50 percent of organizations analyzed have at least one of these popular dating apps installed on mobile devices used to access business information.

“Many consumers use and trust their mobile phones for a variety of applications. It is this trust that gives hackers the opportunity to exploit vulnerabilities like the ones we found in these dating apps,” said Caleb Barlow, Vice President, IBM Security. “Consumers need to be careful not to reveal too much personal information on these sites as they look to build a relationship. Our research demonstrates that some users may be engaged in a dangerous tradeoff – with increased sharing resulting in decreased personal security and privacy.”

Security researchers from IBM Security identified that 26 of the 41 dating apps they analyzed on the Android mobile platform had either medium or high severity vulnerabilities. The analysis was done based on apps available in the Google Play app store in October 2014.

The vulnerabilities discovered by IBM Security make it possible for a hacker to gather valuable personal information about a user. While some apps have privacy measures in place, IBM found many are vulnerable to attacks that could lead to issues such as the data app used to download malware, GPS information used to track movements, credit card numbers stolen from the App and other security threats.

IBM said that consumers and businesses can take steps to protect themselves against potential threats. As described the company, these actions include:

-Be Mysterious: Don't divulge too much personal information on these sites such as where you work, birthday or social media profiles until you're comfortable with the person you are engaging with via the app.
-Permission Fitness: Figure out if you want to use an app by checking the permissions it asks for by viewing the settings on your mobile device. When updating, apps often automatically reset the permissions determining what phone features they have access to, like your address book or GPS data.
-Keep it Unique: Use unique passwords for every online account you have. If you use the same password for all your accounts it can leave you open to multiple attacks if one account is compromised. 
-Punctual Patching: Always apply the latest patches and updates to your apps and your device when they become available. This will fix any identified bugs in your device and applications, resulting in a more secure experience.
  -Trusted Connections: Use only trusted Wi-Fi connections when on your dating app. Hackers love using fake Wi-Fi access points that connect you directly to their device to execute these types of attacks. Many of the vulnerabilities found in this research can be exploited via Wi-Fi.

What Can Enterprises Do?

Businesses also need to be prepared to protect themselves from vulnerable dating apps active inside their infrastructure, especially for Bring Your Own Device (BYOD) scenarios. IBM found that nearly 50 percent of organizations sampled for this research have at least one of these popular dating apps installed on corporate-owned or personal mobile devices used for work. To protect confidential corporate assets, businesses should:
-Adopt the Right Protection: Leverage Enterprise Mobility Management (EMM) offerings with mobile threat management (MTM) capabilities to enable employees to utilize their own devices while still maintaining the security of the organization.
-Define Downloadable Apps: Allow employees to only download applications from authorized app stores such as Google Play, iTunes, and the corporate app store.
-Education is Key: Educate employees to know the dangers of downloading third party applications and what it means when they grant that app specific device permissions.
-Immediately Communicate Potential Threats: Set automated policies on smartphones and tablets, which take immediate action if a device is found compromised or malicious apps are discovered. This enables protection to corporate resources while the issue is remediated.

IBM said its security team used its new IBM AppScan Mobile Analyzer tool to analyze the top 41 dating apps available on Android devices to identify vulnerabilities that can leave users open to potential cyber-attacks and threats. To understand enterprise user adoption of these 41 dating apps, app data was analyzed from IBM MobileFirst Protect, formerly MaaS360.

More information on the research:
www.securityintelligence.com/datingapps  

((Comments on this story may be sent to newsdesk@closeupmedia.com))

THE DAILY VIEW

  • Alexandra Scarborough
    Gilt and Sarah Jessica Parker Unveil SJP by Sarah Jessica Parker Bridal Collection for Spring

    Sarah Jessica Parker, in partnership with Gilt, kicked off the exclusive launch of SJP by Sarah Jessica Parker Bridal, Gilt’s first foray into bridal ready-to-wear that would have Carrie Bradshaw swooning.

    The collection includes dresses, skirts, bodysuits and other pieces, ranging in price from $295 to $2,395 and from sizes 0 to 14.

    "Collaborating with Gilt on my first bridal ready-to-wear collection was an opportunity I couldn't pass up," said Sarah Jessica Parker. "The team there is brilliant and allowed me to be imaginative and take risks as I was designing for the non-traditional bride. It has been quite fun to play around with colors, fabrics and details to create unique pieces for all kinds of brides." The collection, comprised of ten styles, is inspired by Parker's vision of a modern, non-traditional bride, and is designed to dress a woman for a variety of wedding milestone moments; from her bridal shower through her wedding reception. Styles offered are a unique mix of classic dresses and gowns, modern bodysuits, full skirts, and a jumpsuit. The color palette includes traditional bridal white, sleek black, plus pops of blush, poppy, light gray and blue.

    Designed in collaboration with Gilt, the collection was produced in New York City utilizing fabrics like cashmere and stretch crepe sourced from Spain, Italy and France.

    The pieces all feature carefully curated details like elegant bows, sophisticated cutouts, feathers, intricate embroidery and beautiful hand-stitched beading. 

    The actress and style icon is no stranger to chic bridal wear. Carrie Badshaw, famously played by Parker, took part in an elaborate bridal photo shoot in Sex and the City: The Movie. The shoot featured gowns from designers like Christian Lacroix and Lanvin. Parker famously wore a black wedding gown for her own wedding to Matthew Broderick in 1997.

    "Not only is Sarah Jessica Parker's style known around the world, her point of view is one-of-a-kind," says Tom Ott, Chief Merchant of Gilt. "Sarah Jessica brings her impeccable taste and fashion sensibility to life in this collection. We think our customers will be delighted with the offering which is stylish and well-priced in the bridal category."

    As part of the bridal launch, Gilt will also offer 15 exclusive styles from the SJP by Sarah Jessica Parker footwear line, each of which are complementary to the bridal collection. 

    To correspond with the bridal collection launch, Gilt City will present offers from some of Sarah Jessica Parker's favorite places in New York City.

    The offers were each chosen as a way to help brides plan for and celebrate the big day with highlights including, Leather Spa, Lars Nord Studio Tailoring, Mah-Ze-Dahr Bakery, among others.

    More Information:
    http://www.Gilt.com/SJP

  • Alexandra Scarborough
    Tea Forté Introduces ‘Matcha’ Collection

    Convenience meets tradition in Tea Forté’s new Ceremonial Matcha Bowl Set and the Matcha Single Steeps.

    The company said its spring harvested, shade grown, stone ground, organic matcha tea is best served in a centuries-old Japanese tea ceremony called chanoyu: a preparation technique known for its centering meditative qualities.

    "The launch of Tea Forté's Matcha collection represents our continued commitment to wellness and cultivating all the potential mental and physical health benefits of tea," says Tea Forté CEO Michael Gebrael. "In addition to our high quality Pure Matcha, we've also blended four distinct flavored Matcha varieties. Prepackaged in pouches measured out for a single serving, our Single Steeps Matcha is ideal for the office, travel, or to keep with you for a boost anytime."

    Tea Forté noted its handcrafted ceremonial tea bowl, handmade bamboo whisk and measuring ladle “encourages serene enjoyment of our premium Kosher, gluten-free and vegan matcha blends.” These include: Pure Matcha, Chocolate Matcha, Coconut Matcha, Ginger Matcha, and Chai Matcha.

    According to a release, in addition to its distinctive taste, matcha is prized for its health benefits. Steeped green tea contains only the antioxidants that can be extracted in water, while with matcha, the whole leaf is consumed.

    Available now in select stores and online at teaforte.com.

 

 

QUICK 5


Expedia.com has released a year-end look at U.S. traveler behavior and trends for 2017, analyzing data to identify the most in-demand destinations, hotels, activities and more.

Among other insights, the roundup revealed:
  1. Labor Day was the busiest weekend for car rental
  2. Disney Theme Parks topped the list of things to do
  3. The average hotel stay was two nights
  4. Top destinations based on 2017 air travel included major global cities like New York, London and Bangkok
  5. Popular tourist destinations included Orlando, Cancun and Las Vegas