With innovative and in vogue “smart home” devices, you can control your home’s lighting, temperature, sprinkler system, door locks, TV, even dinner … all with a smartphone app. Maybe that’s why these high-tech household helpers are already in millions of American homes — with predictions that by decade’s end, up to 50 billion devices will be connected to the internet, including those using a home Wi-Fi network.
But these gizmos, part of the increasingly popular ‘internet of things’ technology designed to help homes operate more easily and efficiently, also bring risk. Millions have already been hacked. They’ve been used for nefarious purposes ranging from screaming obscenities at a baby to enlisting soldiers in a botnet army that, as demonstrated last October, temporarily knocked offline top websites including Amazon, PayPal, Netflix and Twitter. Some experts suspected this was a test cyber attack to gauge vulnerabilities.
And the more connected your home is, the better chance that cyber crooks can use those devices to track your movements or remotely access your home computer or smartphone to glean email, banking and online shopping data. Your defense:
Change default passwords. Make sure you don’t use the manufacturer’s default password on your router or any smart home device. Most people never change those typically weak, factory-issued passwords — and that’s why so many devices, including routers, printers and cameras, were enlisted for the October attack. Each device should have a unique (and strong) password. A password manager can help: Popular versions that use cloud technology include LastPass, Dashlane and 1Password; apps for your computer’s hard drive include RoboForm and KeePass.
Create separate Wi-Fi networks. You want one for your computers and another for smart home devices. Many routers have a guest network option, which you can use for smart devices. You can also purchase a separate internet connection for the new-fangled gizmos, or split an existing internet connection using a virtual local area network (with help from a tech-savvy buddy or Geek Squad-type business).
Stay updated. Promptly download legitimate updates when you receive a legitimate prompt for your connected device. These can improve function, and include patches for newly discovered security vulnerabilities.
Disable unnecessary features. Deactivate functions you don’t need — especially cameras and microphones, which are hackers’ most favored exploitable features.
Use multifactor authentication. Many smart home device apps offer two-step authentication that users can opt into under “settings.” In addition to your password (something you know), this second layer of protection could be a security key or a one-time code sent to your cellphone (something you have).
Don’t use public Wi-Fi. Turn off the “automatically connect” setting on phones and don’t access device apps in airports, coffee shops or other vulnerable locations.
For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud. Keep tabs on scams and law enforcement alerts in your area at our Scam-Tracking Map.
Also of Interest
- What to Know About the ‘Can You Hear Me?’ Scam
- A New Beed of Con Artists
- Get help: Find out if you’re eligible for public benefits with Benefits QuickLINK
- Join AARP: Savings, resources and news for your well-being
See the AARP home page for deals, savings tips, trivia and more.