Watch CBS News
Trending

Happy (hacked) Valentine's Day

By Aimee Picchi

/ MoneyWatch

This Valentine's Day, there's a new worry for would-be Romeos and Juliets: the security of their online dating apps.

The answer, according to a new study from IBM Security, is that the technology is about as vulnerable as the human heart. The technology company found that 63 percent of the leading dating mobile apps were at risk of being hacked. IBM declined to name names, but said the apps include some of the most popular ones out there.

Several factors account for the risk around dating apps, IBM Security vice president Caleb Barlow told CBS MoneyWatch. People who use mobile dating apps often offer up a trove of personal information, while many mobile apps treat security as an afterthought. On top of that, mobile devices include functions such as microphones, cameras and GPS that can be used or tracked by fraudsters, putting consumers at risk.

Harvesting flowers for Valentine's Day
Harvesting flowers for Valentine's Day 17 photos

"Part of the challenge in dating apps is the mere fact that getting to know someone requires answering a lot of questions," Barlow noted. "You are more likely to share sensitive data. It's not like it's 2 p.m. and you're in a cubicle. You are in a bar at 2 a.m. and you are looking to meet someone."

Hackers can create all sorts of havoc with the security flaws IBM Security discovered. For instance, someone could gain access to a camera or microphone, even if a user isn't logged into the app. Almost three-quarters of dating apps also have access to current and past GPS information. Combine that with the ability to hack into cameras and mics, and fraudsters could track users to confidential business meetings and eavesdrop.

Such corporate espionage issues might not be a risk for most Casanovas, but more mundane security problems, such as stolen credit cards, are. About half of dating apps have access to a user's billing information saved on their device, but because of poor coding hackers could steal that information, IBM said.

The security flaws also include the potential to send malware to consumers. Some apps could be reprogrammed by hackers to send what would look like a message, but when clicked on downloads malware onto the device.

That nearly two-thirds of dating apps has medium-to-high security vulnerabilities "surprised us a bit," Barlow said. "We operate in a world where if you are gathering personal and private information, then you have a responsibility to protect the users of the application."

Part of the problem may be that mobile apps are often quickly developed and pushed out to consumers, which could mean that security isn't a high priority, he added.

Consumers can take some steps to protect themselves. First, don't provide too much personal information on sites until you are comfortable with the person you are wooing.

Second, carefully consider all the permissions the app is asking for. When some apps update, they automatically reset the permissions to gain access to some features, like GPS.

Third, make sure to use unique passwords for every account. If a hacker gets access to your dating app and its password, make sure it doesn't work for your banking app or other programs. Another important precaution is to only connect to a dating app via trusted WiFi connections.

"This isn't about being a downer on Valentine's Day," Barlow said. "Have fun. But like when you are going down a dark street, you need to have your wits about you."

Aimee Picchi

Aimee Picchi is the associate managing editor for CBS MoneyWatch, where she covers business and personal finance. She previously worked at Bloomberg News and has written for national news outlets including USA Today and Consumer Reports.

First published on February 11, 2015 / 7:16 AM EST

© 2015 CBS Interactive Inc. All Rights Reserved.

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.