Things You Can Do to Prevent Network Eavesdroppers from Stealing Your Information

Bobo Kwok


The Difference between Network Eavesdroppers and Computer Hackers

Network Eavesdroppers are different from computer hackers. A hacker infiltrates a network system and aims to take control of the system1, while a network eavesdropper gets into and out of the system without being detected and aims to retrieve information of interest2. 

Understanding Network Eavesdropping

Consider network eavesdropping in an in-person environment. It can happen in a situation where you and a friend are talking about a new job you just got. A stranger may be purposely standing behind you and listening to the entire conversation. You may not notice that the stranger is listening to your conversations because they may be looking at their phone, and you do not get a glance at how they look. More importantly, the stranger has not received consent from you, but yet, they have retrieved information about you and have remained anonymous3. Think about this being on the internet, where you may be using a bank payment website and a hidden person is looking over your transactions and bank accounts.

An Example of Network Eavesdropping

Keystroke logging can be used to eavesdrop on a person’s keystrokes4. An attacker can record the sounds of keystroke activities of a user through different software and interpret what the user is typing4. This can be dangerous if the user is working on company information or personal information and the attacker successfully analyzes what the user is entering. Alarmingly, users oftentimes do not know that their keystrokes are being recorded. However, companies and organizations are using different measures to secure their system, such as Zoom Company uses advanced encryption standard-256 (AES-256) to encrypt chat messages sent between participants5. 

Tips Everyone Can Do to Prevent this from Happening

New Habits

You can create a strong password by making use of special characters like asterisks or the dollar sign, numbers, as well as lowercase and uppercase letters6. It may also be good practice to change your password frequently6, especially for bank accounts or medical-related accounts. Also, try not to use the same password for all accounts you create. 

Another thing is to be aware of accounts that do not require a password to gain access to every time6. An example would be email accounts stored on your computer and smartphones. Another method to secure accounts accessible without always asking you to log in is via security apps. They can be downloaded so a password will be required to access such applications. A simple habit you can do is to sign out of your accounts when done accessing it. 

Moreover, keep an eye out for transactions made through your account6. You can check bank transactions weekly for unusual transactions even if it is in small amounts. Some accounts will send emails to you if an unknown device tries to access your account. For instance, Netflix sends out email notifications including location and time information to users if someone signs into the account7. 

This last safeguard may require more effort, but you should learn where and who your information is released to6. When signing up for a new account, do some digging into how the company secures your information and who can look at your account. Reading the privacy policies of the company can help you determine whether you trust the company or organization with your personal information.

Avoid Unless Necessary

This may sound obvious, but try not to use public Wi-Fi unless necessary. Public shared Wi-Fi is generally more exposed to network eavesdropping problems than private Wi-Fi networks6. Keeping your account and passwords private is a good idea as well. Sharing accounts that contain credit card information and home address to anyone is not safe. A few dollars cheaper per month for a Netflix or Amazon Prime subscription may not be worth the risk. This leads to the discussion of understanding what information you release publicly online. 

Think twice before uploading a post on social media6. A basis for this can be if what you are about to post is not something you would share out loud, you probably would not want to post it online. This may be sharing a picture of your car that reveals your license plate or posting a caption with your phone number. It becomes dangerous if a network eavesdropper also gets access to license plate information with other private data from the DMV. They can easily identify you and may use this for personal interests, such as if they work in a car insurance company. 

Works Cited

  1. Gao, Xing (2015). "Information security investment for competitive firms with hacker behavior and security requirements"  Annals of Operations Research 235, pp. 277–300.

  2. Li X, Wang Q, Dai H-N, Wang H, (2018). “A Novel Friendly Jamming Scheme in Industrial Crowdsensing Networks against Eavesdropping Attack” Sensors 18(1938), pp.1-23. 

  3. Bighash Leila, Steves Kristen, Hagen Christina, Hollingshead Andrea, (2020). “A Model of Social Eavesdropping in Communication Networks” International Journal of Communication 14, pp.3704–3726. 

  4. Smet Milou, Leijten Mariëlle, Van Waes Luuk, (2018). “Exploring the Process of Reading During Writing Using Eye Tracking and Keystroke Logging” Written Communication 35(4), pp.411-447.

  5.  "Advanced chat encryption". Zoom Help Center.

  6. “Stolen Personal Data on the Rise.” Manager: British Journal of Administrative Management, 2015, pp.8.

  7. “I Received an Email Stating There Was a New Sign-in to My Account.” Help Center.