Shoulder surfing is a social engineering technique used by malicious persons who want to see your sensitive credentials in real life. As the name suggests, shoulder surfing is when someone peers over your shoulder, either literally or from a distance, and takes note of sensitive information such as PIN codes or passwords that you have entered. Here are some techniques to protect your sensitive information from those peering over your shoulder.
- Install a privacy screen on your devices. A privacy screen is a useful tool for preventing anyone else from seeing what you are viewing on your screen. It blocks light from certain angles so that the screen can only be viewed directly head-on and not from the sides. This is a great deterrent against others accessing sensitive information when you are in public.
- Lock your device when you step away from it. It’s always best practice to lock your devices when you are not actively using them. Leaving your device unattended, even momentarily, can allow malicious actors to access and manipulate your information and device.
- Shield yourself from prying eyes. Physically blocking strangers from viewing your sensitive information is critical when entering bank PINs and passwords in public. If you need to access information on a mobile device in public, have your back against a physical wall or corner to prevent prying eyes.
- Do not access public Wi-Fi. If you must access sensitive information in public, do not use public Wi-Fi to do so, as your information is vulnerable. Use your data or a personal mobile hotspot to access the information. If it is urgent and you have to use public Wi-Fi, then you should use a VPN to access the information.
- Don’t say passwords out loud. Saying credentials or other sensitive info over the phone can be dangerous as well, because people who are not near you may still be able to hear you. Additionally, most reputable organizations will not have you say your password over the phone to verify your identity.
Even with all these tips in mind, users should still be mindful of opening sensitive or personally identifiable information in public, to evade prying eyes.