We’ve all got a load of sensitive info on our phones — texts with loved ones, banking details, passwords and family photos. 

We’re giving away a brand-new iPhone 16 (a $1,500 value). Enter to win here. No purchase necessary!

You don’t want anyone snooping around, whether it’s an app maker on the other side of the world or the guy sitting behind you at the coffee shop. Take five minutes to run this privacy audit, and then pat yourself on the back for a job well done.

Check your permissions

When you download apps, they often request a variety of permissions to access different parts of your phone — think your location, camera, microphone, contacts and text messages. Some are essential for the app to function properly (like a navigation app needing access to your location) but others are absolutely unnecessary. 

3 SECURITY AND DATA CHECKS YOU SHOULD DO ONCE A YEAR

The most critical permissions to pay attention to are your phone’s location, camera and microphone. Only trust apps that have a clear, legitimate need for these permissions.

Use your common sense, too. Ask yourself: Does a shopping app really need access to my contacts? Should a photo editing app know my current location? For me, the answer is no. Granting unnecessary permissions increases your privacy exposure, so it’s better to err on the side of caution.

To check what permissions each app have:

• Apple iPhone: Go to Settings > Privacy & Security, then Location Services, Camera or Microphone.
• Google Pixel: Open Settings > Security and privacy > Privacy controls > Permission manager.
• Samsung Galaxy: Head to Settings > Security and privacy > Permission manager.

You’ve probably granted permissions to apps on your computer, too, that you forgot about. Here’s how to check those while you’re at it.

DO THIS WITH YOUR FAMILY VIDEOS BEFORE IT’S TOO LATE

Lock down everything

Your lock screen is the first line of defense against unwanted eyes. You can use a PIN, pattern, fingerprint, facial recognition, whatever. No matter which method you choose, it’s far better than leaving your phone unsecured. 

If you’re using a PIN, stay away from anything obvious like 1234, your birthday or address, or the last digits of your phone number.

• Apple iPhone: Set this up via Face ID & Passcode.
• Google Pixel: Head to Settings > Security and privacy > Device lock.
• Samsung Galaxy: Under Settings, look for Lock screen and AOD.

Make sure you’re setting your phone to lock itself as soon as possible. It’s an easy, foolproof way to keep prying eyes away from your sensitive info. (iStock)

You’ll also want your phone to lock as soon as possible when you’re not using it. I find around 30 seconds is the sweet spot between safety and annoyance.

• Apple iPhone: Under Settings, choose Display & Brightness > Auto-Lock.
• Google Pixel: Head to Settings > Display and touch > Screen timeout.
• Samsung Galaxy: From your settings, tap Display > Screen timeout.

Keep out strangers

The short-range transfer tech built into iOS and Android is super handy when you need to share something with a friend or relative. But you don’t want strangers pinging you with unwanted photos, videos and other files.

ELECTION FRAUD ALERT: STEPS TO SAFEGUARD YOUR VOTE

This happened to me once at the airport. In my case, it was just teenagers pranking me with silly pictures, but this can end a lot worse. 

• Apple iPhone: Your device uses AirDrop for these types of transfers. Limit it to contacts only or turn it off altogether via Settings > General > AirDrop.
• Android devices: The transfer tool here is called Quick Share (formerly Nearby Share). On a Pixel, you’ll find the sharing prefs under Settings > Connected devices > Connection preferences > Quick Share. On a Galaxy, it’s under Settings > Connected devices > Quick Share.

Browse the web 

Open your phone’s browser and say hello to instant tracking, unless you do something about it.

Web browsing apps are rife with instant tracking mechanisms. Fortunately, you can disable them. (Chesnot/Getty Images)

• Put limits on this on your iPhone by opening Settings > Apps and tapping on Safari. Under the app’s settings, scroll to Privacy & Security and toggle on the option for Prevent Cross-Site Tracking.
• For Chrome on Android, open the browser and tap the three dots (top right). From there, hit Settings > Privacy and security > Third-party cookies and turn on Block third-party cookies.

That wasn’t so bad, right? Now, do your loved ones a solid and pass it along so they can stay safe, too. Yes, that includes teenagers!

Get tech-smarter on your schedule

Award-winning host Kim Komando is your secret weapon for navigating tech.

Copyright 2024, WestStar Multimedia Entertainment. All rights reserved.

I just spent a few minutes with the new iPhone 16 Pro and Pro Max, which feature bigger displays with thinner bezels, revamped cameras, and Apple’s new Camera Control button, which is pretty fascinating.

Let’s start with Camera Control, which is a physical button — it depresses into the case ever so slightly, with additional haptic feedback from Apple’s Taptic Engine to make it feel like a chunkier click. You can just click away at it, and it’ll fire off photos from the 48MP main camera with zero shutter lag. I was not able to slow it down in my short demo time, but we’ll see how it goes in real life.

The button is also ultra sensitive, so pressing it ever-so-lightly brings up swipe-to-zoom controls, and double-pressing it lightly brings up additional controls you can swipe between, like lens selection, exposure, and the new photo styles available on the Pro. It took me a second to figure out how hard to press but it wasn’t hard to figure out.

The phones themselves are slightly taller and wider than the 15 Pro models, making room for larger screens: a 6.3-inch panel on the 16 Pro and a massive 6.9-inch display on the 16 Pro Max, emphasis on Max. It’s made possible partly by new thinner bezels, too.

The big news for the smaller phone is that the regular 16 Pro now comes with the 5x telephoto camera formerly reserved for the Pro Max. Apple has managed to wedge it in alongside the main and ultrawide cameras. That’ll be a welcome addition for anyone who wants a proper zoom lens without having to buy the biggest phone.

If you were hoping for some more vibrant colors on the Pro phones, well, you’ll have to keep waiting. The best Apple has done this year is a darker gold called “desert titanium.” The other color options are familiar restrained neutrals.

It’s no secret cybercriminals thrive on personal information to pull off scams, commit bank fraud and engage in identity theft. But did you know that a lot of the information they need is readily available on people search sites? It might surprise you to learn that these companies gather and sell your personal data — everything from your contact details to information about your family — often without you even realizing it.

What’s more, this data can become even more vulnerable to breaches simply by being stored on these sites. For instance, I recently discussed an alarming incident where 2.7 billion records were stolen from a background search site called National Public Data and then shared for free on a cybercrime forum.

Having your personal information floating around on these people search sites and data broker databases significantly increases your risk of falling victim to scams. But don’t worry. I’ll dive into the details of how this happens and, more importantly, what you can do to protect yourself and stop it.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Cybercriminals exploit people search sites for personal data

People search sites like Whitepages, Spokeo and BeenVerified are designed to help users find and connect with others, but they’ve become a goldmine for cybercriminals. Despite warnings against using the data for stalking, harassment or harm, these sites offer a wealth of information that can be exploited by malicious actors.

Scammers can access a wide range of personal details, including addresses, phone numbers, email addresses, birthdates, family information, employment history and even religious beliefs or political affiliations. They can also find property records, court and police records and information about hobbies and interests.

This comprehensive data allows cybercriminals to build detailed profiles of potential victims, making it easier to craft convincing scams or carry out identity theft. The abundance of personal information available through these sites poses a significant risk to individuals’ privacy and security.

A woman is upset about her personal information being online. (Kurt “CyberGuy” Knutsson)

3 ways scammers use people search sites

Let’s talk about how scammers are using people search sites to find their next victims. It’s pretty alarming, but understanding how this works can help us stay one step ahead.

1. Finding victims

Cybercriminals can easily browse people search sites to dig up information about random individuals. They can look up names and uncover a treasure trove of details — like email addresses, phone numbers and other contact info. This is where things start to get a bit dicey.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

2. Profiling victims

Once they have access to this information, scammers can create detailed profiles of their targets. They might find out about someone’s job history, whether they have kids or even if they’re single and looking for love. They can also determine if someone is elderly, which can make them more susceptible to confusing tech jargon. Research indicates that a staggering 60% of cybercrimes against seniors — who are particularly vulnerable — are at least partly fueled by the personal information available online, often through data brokers and people search sites.

3. Putting the plan into action

With all this information in hand, scammers can launch targeted phishing attacks to trick victims into revealing sensitive information. They can create scams designed to steal money or even commit identity theft. There are countless stories of individuals falling prey to these scams and losing their identities. 

In many cases, the scammers likely sourced their information from people search sites. In some shocking instances, certain data brokers — like Epsilon, Macromark and KBM — have been caught red-handed selling personal information directly to scammers, giving them the tools they need to exploit vulnerable individuals.

A person using a people search site on their laptop. (Kurt “CyberGuy” Knutsson)

MOST TARGETED CITIES FOR TRAVEL BOOKING SCAMS

4 ways to keep your personal information off people search sites (and away from scammers)

With the threat data aggregators like people search sites pose, it’s definitely a good idea to keep your information off their databases. While it won’t put a definitive stop to scammers, it will make it harder for them to find the information necessary to target you. It will also limit the number of places your data can be found online, thereby reducing the chances of it ending up in a data breach. That said, removing your information from people’s search sites can be easier said than done. It’s not impossible, though. Here’s what to do.

1. Track down and opt out from people search sites that sell your data

The first and most obvious step is to track down people search sites that sell your personal information and make them remove it. Fair warning: This requires a time commitment and ongoing maintenance.

You’ll first have to look up your own name, phone number, email address or home address on any popular search engine. You’ll likely see a bunch of people search sites in the search results. From there, you go through the results pages, visit each website that shows up and send individual opt-out requests to each one.

Since they refresh their databases often, most people search sites will add your personal information again after some time, though. So if you want to keep your data offline, you’ll have to check back every few months and remove it again.

If you have a few bucks to spare, I recommend using an automated personal information removal service. These services remove your data from people search sites and tons of other data broker types. Check out my top picks for data removal services here.

2. Limit the number of online tools and services you use

You should also exercise some good digital hygiene practices. Like being more discerning about the online tools and services you use. Many of them actually harvest your personal information and sell it to third parties, including people search sites and data brokers.

Even something as seemingly benign and widely used as extensions can be leaking your data online. A study conducted by researchers over at Incogni revealed 44% of Chrome extensions collect your personally identifiable information (PII). Even if they don’t sell it, this increases the risk of data breaches and malicious activity if the extension goes rogue.

You should reevaluate the apps, extensions and online accounts you use. Remove anything you don’t really need. For those that you do need, check the privacy policies for their data collection and sharing practices. You can always find more privacy-conscious alternatives.

3. Use throwaway emails and burner numbers wherever possible

Living in the digital age, I know it’s not really possible to go without any online tools. To sign up for most, you need to share at least an email or phone number. Unfortunately, those details are often shared with third parties, end up with people search sites and data brokers, circulate the web and ultimately result in increased spam and malicious attacks.

It’s a lot safer to use burner numbers and masked or throwaway accounts. This allows you to sign up, receive communication and maintain control of your online accounts while keeping all of the associated data and activity from being linked to your real identity.

4. Use private browsers and search engines

Browsers and search engines are another big source of data. Most of them track and share at least some of your online activity. Thankfully, there are plenty of browsers and search engines designed with privacy in mind.

I’ve previously recommended a few privacy-conscious search engine alternatives. They come with their own benefits and drawbacks but they all keep your search history private. The same goes for the browser itself.

Kurt’s key takeaways

It’s clear that while people search sites can be useful for reconnecting with friends or finding information, they also pose significant risks to our privacy and security. By taking proactive steps to protect our personal data, we can make it much harder for cybercriminals to exploit our information.

In your opinion, what should be the responsibility of companies that collect and sell personal data regarding user privacy? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com.  All rights reserved.