It is surprising that an estimated 20% of Americans own a “smart speaker,” such as an Alexa™, Amazon’s voice-activated assistant.
In the general case, Amazon and Google have blocked spying and vishing apps from being available on your smart speaker. However, researchers have cleverly demonstrated a way to bypass Amazon and Google’s blocking attempts. One takeaway is that no smart speaker app will ask for your password. If one does, don’t give it; instead, delete the app.
You are sitting at home and verbally ask your voice assistant (it could be your Alexa™ or your smartphone) to call reservation services for an upcoming airplane flight. Instead of the correct one, a scammer’s phone number is returned and auto-dialed. The clever scammer paid to put a phony number high in the search results! A real case cost one sad victim over $400. The answer from the Better Business Bureau is not to use a voice assistant for something this important.
Believe it or not, even your home robotic vacuum cleaner can be hacked to “listen” to your home conversations! While this risk has been demonstrated only as a research project, it implies that we should pay attention to “leakage.”
FOR FURTHER READING:
CyberGuardian: a SecureTheVillage Guide for Residents is available on Amazon.
A complete Security Checklist is available: https://www.nerdsiview.com/security-checklist-2/
References for Village Residents are available at SECURETHEVILLAGE: https://securethevillage.org/residents