Pokemon Go: When Cybersecurity “Breaches” Real Life

Many of you may have recently seen what appear to be zombies roaming the planet in search of their next victim. 

Are you up to date with the latest mobile gaming sensation – Pokemon Go? Are you aware of the possible cybersecurity threats lurking beneath the game? 

Pokemon Go is a hit for many reasons, one of which is that it actually uses your location and surroundings as part of the game. While wandering through your neighbourhood, players can see both the houses on their street and the various Pokemon characters who magically appear- waiting to be caught. The game is addicting and engrossing, but unfortunately, it has brought with it some security issues.

First off, when the game launched, it asked for full access to your Google account information by default, allowing the game (or someone who may have compromised the game) access to a multitude of personal details such as your physical address, email, phone contacts, etc.  That has since been fixed by the developers, but it’s likely that millions of people have already inadvertently exposed their information. 

Soon after the game’s launch, a whole host of malware was created to trick users into downloading necessary applications that contain security issues, such as subscribing to unwanted services, clicking on paid advertising, and accessing additional private information.  These pieces of malware are being taken down as quickly as they can be discovered, but the potential clearly exists for more of this behavior to take place.

So what can a Pokemon master do to avoid getting breached? Here are some basic, common-sense security strategies: 

1. Never automatically accept requests to access services from applications you install.  Location awareness, access to contact information, etc. can all potentially be used against you in some way.  By default, you should never allow applications to access this information unless you understand why they want that access.

2. Always verify the author of an application before you download it.  This can be a bit difficult, but matching a company name to the application is typically a good starting point.  Then look at how many downloads it has, and the reviews or ratings of that application.  There is a high likelihood that something that has only been downloaded a few times and has a lot of negative reviews is not something you want on your device.

3. Always be cognizant of online safety with respect to the impact it can have on the real world.  If you have online “friends” that get access to your location information, it can cause all kinds of issues from stalking to burglary to something worse.  Realize that no one online is necessarily who they claim to be, and when the line between the real world and the online world gets blurred you need to take precautions.

Now go out and catch them all! 

 

Critical conversations on critical infrastructure

Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.

Join the conversation

Read more

12 must-join communities for IT and tech professionals

A compilation of the most vibrant, helpful communities to join if you work in IT or technology, plus some tips for getting started.

Read more
Six non-hype network automation lessons from IT pros

Five IT pros get real about network automation during the first Critical Conversation on Critical Infrastructure hosted in the Network VIP community.

Read more
BlueCat’s DDI Adaptive Plugins and Applications help IT teams better leverage ServiceNow, Ansible, Microsoft, and more

A growing suite of Adaptive Plugins and Applications will help automate existing BlueCat capabilities along with adjacent customer technologies.

Read more
BlueCat Overlay for Microsoft

With BlueCat Overlay for Microsoft, get visibility into Microsoft DNS and DHCP servers by relaying information back to your BlueCat Address Manager server.

Read more

Subscribe to our blog