Information security in 315: search results are manipulated; "free WiFi" traps; high-speed downloads; harassing phone calls from browsing the web; children's watches become "walking voyeurs"

2022-03-16 original text

Included in the collection # 3.151

In the information age, the issue of information security is not only in the field of information technology, but also has become a major security issue in the field of consumption.

On March 15, the "March 15" party of CCTV once again exposed many illegal chaos. This year's March 15 party focuses on safety issues, including information security, production safety, food safety, etc., and sets up the first 315 information security laboratory. The network information security and the information security of children's interactive products have become the focus of attention.

Search results are manipulated

Consumers want to determine whether a company's word-of-mouth is good or bad, often in the vast amount of information on the Internet, based on search results, user evaluation, as well as some articles, information, etc., to make a comprehensive judgment. However, they do not realize that some seemingly reliable information is secretly manipulated.

The March 15 party revealed that Inmax is an Internet technology company that provides word-of-mouth services for enterprises, claiming to be a closed-loop private domain traffic pool designed to build brands, search and word-of-mouth for enterprises. When netizens ask for help in questions and answers, encyclopedias and forums, many of the questions and answers they see are made by word-of-mouth companies like them pretending to be real users.

For critical reports and user complaints released by some platforms, word-of-mouth marketing companies even use technical means to directly display web pages as 404 pages that cannot be found.

? "Free WiFi" App hides traps

Recently, many "free WiFi" ads appear frequently on mobile phones. In the app market, there are also many apps offering "free WiFi connection" services. 315 Information Security Lab conducted a special test and found that not only is the free WiFi not connected at all, but there are a bunch of inexplicable applications in users' phones.

In other words, these "free WiFi" App induce users to download other applications. Not only that, these free WiFi applications also collect a lot of user information in the background, and there will be a large number of pop-up ads on users' phones.

Software download platform high-speed download hidden tricks

When many users want to install software, they may go to some special software website to download it. 3 ·15 Evening exposed the problems of bundled downloads and pop-up advertisements in the "high-speed download" downloader in the pc6 download station. Platycodon grandiflorum download station, Tengniu, ZOL software download and other platforms have similar problems.

The so-called high-speed download is to induce users to download software through the Baibu downloader. There is no difference between ordinary downloads and high-speed downloads.

Inducing, bundling and installing other software is only one of the routines of the Baibu downloader. When users use the Baibu downloader to download a desired software, sometimes the result will be replaced with other software, which they call "changing packages".

Browse the web to reveal the cell phone number and cause harassing calls.

Many users may have the experience of browsing some websites on their mobile phones without leaving a phone number, but received a sales call from the relevant industry.

The March 15 party revealed that Rongying Communications specially built outbound call systems and provided outbound call lines for some e-commerce companies. Here, harassing calls are vaguely referred to as "strangers". According to the internal personnel of the enterprise, through the financing camp communication outbound calling system to make harassment calls, you can hide the real calling number and prevent complaints. Ronglian Qimo, a subsidiary of Ronglian Cloud Communications, is also providing outbound call systems and lines for e-commerce companies.

Around the black industry of harassing calls, in addition to these companies that specialize in outbound calling systems, there are also people providing big data support for harassing calls.

Does the low-end children's smartwatch become a "walking peep"?

The 315 Information Security Lab conducted a special test on the children's smartwatch and found that the watch was remotely controlled after the tester disguised the download QR code of a malicious program as a lottery game to deceive the user. Malicious programs can automatically send important information in the watch, such as location, address book, phone records, etc., in real time.

The root cause of the cyber attack on children's smartwatch is that its operating system is too old. The Android 4.4 operating system does not have any rights management requirements, and there is no link to inform the user or get the user's authorization.

Some manufacturers choose a lower version of the operating system for the sake of keeping costs down. But it ignores the security of users and brings endless trouble to consumers. This kind of intelligent terminal has become a serious disaster area in the protection of personal information. In addition, the compulsory claim of App brings great harm.

According to the CCTV financial report

Selected message

Users set not to download comments