In the Scam of the day for December 14, 2019 I told you about a Tennessee family who reported the Ring camera installed in the bedroom of their three young girls was hacked and the hackers not only were able to spy on the children, but also actually spoke to the children through the Ring’s speakers. As disturbing as this story is, the problem is even more threatening than it appears. While it may seem that hacking into a child’s monitor may be an invasion of privacy and nothing more, the truth is that in many instances, if a hacker is able to gain access to one device that is part of the home’s WIFi network, he or she could also gain access to other connected devices, such as the parent’s computer containing personal financial information or even be able to connect to the computers of the company for which the parent works if the parent’s computer is networked in for working from home. Many hackers search the Internet for unsecured web cameras and baby monitors that have not changed the factory setting username and password which gives them easy access to these cameras.
Since I wrote the December 14, 2019 Scam of the day hackers have published the usernames and passwords of thousands of users of Ring cameras on the Dark Web, that part of the Internet where cybercriminals buy and sell goods and services. As expected, these usernames and passwords appear largely to have been obtained by hackers through data breaches at other companies. The problem is that many people make the mistake of using the same username and password for all of their accounts, which puts them in jeopardy whenever a data breach occurs at any of the companies where they have a username and password.
Anyone who has a Ring camera or baby monitor should make sure that the camera and software are constantly updated with the latest security software from the company that manufactures the camera. It also is a good idea to, as I have advised many times previously, make sure that your router, which connects you to the Internet, is password protected and that you change the username and default password for each of your Internet of Things devices. In the case of the Tennessee family the problem does not appear to have been a flaw in the Ring security cameras, but most likely can be attributed to their failing to change the default password with which the Ring camera came. These default passwords are easily discovered by hackers. Internet of Things devices are also readily hacked when people use the same password for all of their accounts and one of those companies suffers a data breach in which the hacked passwords became available to cybercriminals. It is for this reason that it is always a good practice to have unique passwords for each of your accounts.
You should have a unique, strong password for each of your online accounts so that in the event that there is a data breach and the password for one of your accounts becomes compromised, all of your accounts will not become vulnerable to being hacked. Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear. You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts. Thus, your Ring password could be IDon’tLikePasswords!!!RING.
Another important way to enhance your security is to use dual factor authentication by which when your account is being accessed, the company sends a one-time code to your cell phone to use to be used to access your account so even if a hacker has your password they would not be able to access your account. Ring offers the option to use dual factor authentication. Here is the link to set up dual factor authentication on your Ring device. https://support.ring.com/hc/en-us/articles/360024818291-Using-Two-Factor-Security-Authentication-with-Your-Ring-Products
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”