Mobile phone camera and microphone into a privacy leak | 'Heavy disaster area'

Online privacy is increasingly becoming a global issue. What software will get our private information? Which acquisitions are cross-border acquisition? How can we prevent privacy leakage and online fraud? Recently, Tencent Social Research Center and DCCI Internet Data Research The Center jointly released the "Network Privacy Security and Cyber ​​Fraud Behavior Research and Analysis Report (first half of 2018)" (hereinafter referred to as "Report"), through the statistics of 1144 mobile APPs to obtain user privacy rights, almost all mobile APPs are currently In the acquisition of user privacy information, but most of them can follow the principle of 'legitimate, just, necessary' to obtain, the proportion of user privacy across borders continues to decrease significantly. In the first half of 2018, the proportion of Android APP cross-border acquisition decreased to 5.1%. Reports and experts Both believe that the implementation of the "Network Security Law", the government's emphasis on cyber security issues, the self-discipline of the Internet industry, the awareness of user privacy and the improvement of skills are all driving the development of the entire network privacy environment.

Android APP crosses the border to obtain a decrease in user privacy

The "Report" refers to the situation where personal information is obtained when the user is unaware of it. The report shows that the leakage of mobile network privacy mainly includes mobile phone software acquisition, free Wi-Fi stealing, leakage of old mobile devices and hacking of corporate big data. channel.

The "Report" mainly collects statistics, research and analysis on mobile phone software to obtain user privacy. The research team selected 869 Android mobile APPs and 275 iOS mobile APPs to analyze the acquisition of three types of privacy rights one by one: 'Core privacy Permissions' include obtaining location information, reading mobile phone numbers, reading SMS records, call logs, etc.; 'Important privacy rights' include opening the camera, recording with a microphone, sending a text message, sending a multimedia message, making a call, etc.; 'general privacy rights' Including turning on the WiFi switch, turning on the Bluetooth switch, obtaining device information, etc., opening the data network, etc.

The "Report" privacy security test results show that in the second half of last year, almost all Android mobile APPs were acquiring user privacy rights, and only 9% of the 869 Android mobile APPs were not acquired. Among them, life shopping and investment banking applications accounted for Compared with the obvious increase, the life shopping category increased from 7.6% to 11.2%, and the investment and wealth management category increased from 9.1% to 10%.

It is worth noting that in the first half of this year, the proportion of APPs that obtained the 'open camera' permission reached 89.9%, and the proportion of APPs that obtained the 'use of microphone recording' permission reached 86.2%. These two rights are also the privacy information that users are most concerned about.

A benign change is that the proportion of Android mobile APPs that obtain user privacy rights across borders has dropped significantly, down from 5.1% in the first half of last year to 5.1% in the first half of this year. Research teams and field experts agree that the Cyber ​​Security Act The implementation of the Internet industry, the self-discipline of the Internet industry, the awareness of user privacy and the improvement of skills have prompted mobile software developers to follow the principle of 'legitimate, just, necessary' in collecting user information.

For the iOS system with relatively complete privacy rights management, there is also a privacy leak. The "Report" shows that in the first half of this year, the privilege of obtaining iOS users increased from 69.3% to 93.8%, and the proportion of image landscaping is as high as 100%.

Every three fraudulent text messages have an illegal loan

According to data from Tencent Security Lab, in the first half of this year, Tencent’s mobile phone housekeeper fraud marked a total of 29.7 million phone calls, intercepted 18.33 million fraudulent SMS messages, and averaged 160,000 fraudulent phone calls per day, and blocked 100,000 fraudulent SMS messages. On the eve of the World Cup. In May, the number of fraudulent text messages surged more than 7.92 million, nearly 10 times that of February.

The most common fraudulent text messages in the first half of this year were illegal loans, virus software & malicious websites, fake base stations, high-paying recruitment and online shopping, of which illegal loans accounted for 32.4%. Fraud calls are mostly for various reasons, impersonating leaders, asking for verification Code and impersonation of public security. The proportion of pornographic websites on malicious websites is as high as 56.9%, and the number of gaming websites has increased to 34.4%. The report believes that the number of gaming websites has increased significantly, and the World Cup is an important stimulus.

Case analysis from Tencent Security Management Department shows that after the college entrance examination in June, the scams in the name of college entrance examination and admission are mostly 'high school entrance subsidies', 'hacker change points', 'guarantee', fake admission notices, or SMS links. Into the virus. The scams during the World Cup are mostly gambling quiz, false award information, malicious phishing websites, etc.