Eye on webcam hacking and malicious browser messages

May 2021

Eye on webcam hacking and malicious browser messages

People are spending more time online than ever before. Hackers are targeting the way we live now, exploiting the changing ways we find information, communicate with one another, and conduct our work. Awareness is the first method to combat hacking, but it must be paired with protective measures. Find out how companies can help their employees secure their important personal and business information.

Key Learnings

  • Hackers are using tactics including webcam hacking and malicious browser warnings to target victims’ computers.
  • Companies should alert employees to the increased risk to protect their business and personal computers.
  • A combination of enhanced security measures and paying attention to new and unusual messages and unexplained changes in how devices work can help identify and combat hacking activity.
  • Always report any suspected fraudulent activity so that the authorities can track down cybercriminals and help others avoid being a target.

How Webcam Hacking Works

Webcam hacking, also known as “camfecting” for camera infecting, happens when a hacker uses a virus to infect a victim’s computer and provide access to the webcam without the user’s permission. Once that access is obtained, the remotely activated webcam can be used to watch anything within its field of vision. Often the light on the camera is disabled, so victims don’t realize it’s happening, but users may notice the light going on and off randomly, when they’re not actively using their webcams.

Camera hacking has not only affected private individuals’ computers, but also security cameras and other networked cameras used by corporations. In 2021, hackers breached a security startup and gained access to live feeds of 150,000 surveillance cameras inside hospitals, police stations, companies and schools.1

What are Malicious Browser Warnings?

Malicious browser warnings are pop-up notifications that appear to be legitimate chats, system dialogs, or warnings about viruses or video permissions, but are used to mislead users, deliver malware or phish for personal information. Scammers have increased their use of malicious browser warnings or prompts, and the tactic often escapes detection by current cyber defenses. However, many valid websites use desktop or push notifications to share reminders or alerts with their users, and once users grant permission for those desired notifications they may also put themselves at risk for malicious notification.

In fact, Google announced in 2020 that abusive notification prompts are among the top user complaints about its Chrome browser.2 The company enacted measures to detect websites misusing notifications to deliver malware or harvest user information and alert website owners to abusive notification behavior on their sites.

How to Protect Your Devices from Hacking

The positive news companies can share with their employees is that despite the increased activity from hackers, regular users can take relatively simple measures to protect their computers and other devices from emerging and heightening tactics such as webcam hacking and malicious browser notifications.

  • Power your computer down when not using it for extended periods of time, including overnight.
  • Unplug or cover your webcam (a piece of opaque tape works, and is easy to remove) when you don’t need to use it.
  • Make sure software updates and security patches are installed in a timely manner.
  • Never click on unfamiliar or suspicious links, especially pop-ups that are from an unidentified source.
  • Set up two-factor authentication on all password-protected networks and websites.
  • Make sure your home, business and any public Wi-Fi you use is secure and password-protected.
  • Avoid chatting with strangers online, and especially sharing any personal details.
  • Make sure any websites you visit are known and secure, especially if you’re entering personal or payment information.
  • Report to the Federal Bureau of Investigation’s Internet Crime Complaint Center (ic3.gov) if you think that any user’s access has been compromised, or if your company is a victim of any type of fraud.

Fraudsters are constantly changing and honing the methods they use to gain access to your networks or account to keep up with the ways we use our computers today. To help protect your organization and your employees, the KeyBank Information Security and Fraud team continually tracks trending fraud issues and offers actionable ways to prevent and combat hacking. For more information on how to keep your business information secure, please visit us at key.com/cybersecurity.

Connect With Us

  • Social Share Icon
  • Social Share Icon
  • Social Share Icon

Find an Expert