I don’t want to scare you, but what would you do if someone had access to your webcam – without you being aware?
Imagine that someone could be looking at you through your webcam right now. Isn’t that a weird feeling? Awkward?
Above all, I could imagine it feels like a privacy breach. Even if there’s not that much to see or gain for unwanted snoops, it’s just something you want to prevent from happening.
Even the most talked-about business leader and Facebook CEO, Mark Zuckerberg, is taking webcam security precautions to protect his own privacy.
In this guide, I’ll show you a few important security steps you may want to take, so you can be sure nobody spies on you via your webcam.
Here we go.
Hackers have been actively exploiting vulnerabilities and targeting webcams for many years.
But the threat of webcam hacking is becoming more destructive due to the increasing quality of video. Visual information, such as details about your home, is more accessible than ever.
In late 2015, for example, the local police in Toronto launched an investigation when a women received intimate images of herself and her boyfriend watching something on their laptop via Facebook. The hacker accessed her webcam and was able to activate it remotely.
In 2014, The Atlantic even dubbed webcam hacking “The Webcam Hacking Epidemic” due to the fact that it happened incredibly often between 2011 and 2014.
Hackers and cyber criminals create malware that is specifically aimed at compromising webcams. This is called “Camfecting.”
When infected successfully, the hacker can see their target behind a laptop or desktop PC without the victim having any suspicion.
According to The Atlantic, the Remote Access Tool (RAT) is a type of software that is webcam-focused spy software. The goal of the software is to be able to spy on a target.
The spy software can infect systems using different methods. The two main methods to infect computer webcams are the following:
- Victim opens an infected website
- Victim opens a phishing email attachment
The hacker will get access to your webcam if they succeed in tricking you into visiting an infected website or opening a malicious file.
For example, Jared James Abraham, a 19-year-old American teenager, was broadcasted on the news when he pleaded guilty to hacking over 100-150 women in November 2013.
The teen used an aggressive type of webcam-focused malware called “Blackshades.” He used the malware to steal nude images, videos and other personal data of the targeted women. One of his victims was Miss Teen USA 2013 Cassidy Wolf.
In most cases like this, the hacker uses scare tactics or abuses the personal (often sensitive/revealing) images or videos in order to blackmail their targets.
There are various webcam security measures available to make sure that nobody is able to snoop on you via your webcam.
It’s important to protect yourself and your surroundings against such unwanted snoops. Here’s a list of security measures you should consider.
Cover Up Your Webcam
Mark Zuckerberg (Facebook CEO), James Comey (FBI boss) and Kanye West are a few examples of important and famous people who stop unwanted snoops by simply physically covering up their webcam with tape.
As you can see in the image (look carefully), Mark Zuckerberg physically covered both his webcam and microphone with tape. Mark Zuckerberg seems to use black tape for the microphone and tiny piece of white tape for the webcam.
If you choose to implement the same tactic as the previously-mentioned gentlemen, make sure to test if the cover is effective. Simply set up a Skype call test or, for Macbooks, start FaceTime in order to determine whether you can still see yourself. The tape should block out everything.
Obviously, a piece of tape can be annoying, especially if you frequently use the webcam. Tape may leave sticky residue on the camera and might not stick properly after using it for some time.
Instead of going for the Zuckerberg or Comey solution, it’s also possible to buy a webcam cover online. You can buy webcam covers on Amazon ranging between $7 to $20 for one or a set of covers.
For example, enter “webcam cover” in Amazon’s search bar and scroll through available covers. You can also opt for multi-functional covers that work for laptops, desktops, smartphones and tablets.
Disable or Unplug Your Webcam
Regardless what type of laptop, desktop computer or any other device you’re using, the process to disable the integrated or built-in webcam is usually pretty simple.
The process slightly varies per computer and operating system version, but in general you can simply disable the webcam within the settings or system apps dashboard.
If you’re using an external webcam on your laptop or computer, it’s even more simple. Simply disconnect the external webcam at all times and only plug it in when you want to use it.
With an external webcam, it’s super easy to re-enable the webcam when you do want to use it, as well.
Turn Off Your Desktop PC/Close Your Laptop
I could imagine you’re using Skype or FaceTime for video calls with family members or for business-related situations. Instead of using a webcam cover as discussed in the previous section, it’s smart to just turn off your desktop PC or close your laptop when you’re not using it.
It’s obviously not a long-term solution because it only protects you when the computer is not in use, so another method would need to be used when you are using your PC or laptop.
Do Not Open Phishing Email Attachments (Especially From Unknown Sources)
Phishing emails are a popular and relatively successful method used to trick people into downloading malicious files or opening harmful links.
It’s therefore extremely important to avoid opening emails that show signs of being a phishing attempt.
For example, if you receive an email from (ostensibly) the Federal Reserve Bank, but the actual email address reads something like “[email protected],” you should know there’s something wrong. The Federal Reserve Bank doesn’t use “blake.ocn.ne.jp” email endings.
Another sign that tells you it’s a phishing email are odd email salutations such as “Dear Friend” or “My Friend.” Also, if you receive an email from a (supposed) bank or government institution that contains misspellings, grammar errors and awkward formatting, it’s most likely a phishing email.
Don’t click on any of the links within the text or any attachments that came with the email. It’s highly likely for attachments to contain a type of malware. It’s also not uncommon for hackers to attach webcam-tailored malware to install it onto your computer or laptop.
Read my in-depth post on phishing emails if you’d like to have some extra information. My post also contains a lot of helpful information and tips in regards to phishing emails.
Do Not Click Links/Open Files on Social Media Platforms
An alternative method to phishing emails are shortened links that will redirect you to a harmful website or automatically start a download.
This tactic is mainly used on social media websites and other social platforms. Hackers and other types of cyber thieves use these websites to either send shortened links or malware files to their targets.
They could focus specifically on certain target(s), but they may also send out malicious links/files to a bulk collection of users on a platform or website.
It’s therefore essential to realize that social media is a fun platform, but also presents a lot of opportunities to fall victim to hackers.
Never open any shortened URL, unknown file or any link in general. If you do open a link or file, make sure it’s from someone you trust and know.
The file that you might download could be webcam-focused malware that takes control of your webcam and is then used to spy on you.
Be cautious of identity theft as well. If one of your friends sends you a super weird request or link, it’s probably because his or her account has been compromised.
Scan Your Laptop or Desktop PC for Malware
Traditionally, antivirus software isn’t tailored to scan for webcam-tailored malware but rather for more aggressive types of malware or trojans that cause damage or harm to an entire system.
Antivirus is based on software that – simply put – works via a “recognition” system. So, the antivirus will only detect malware if that specific type of malware is listed in the antivirus’ database.
Of course, webcam-tailored malware isn’t the highest priority for antivirus software developers to patch out vulnerabilities for all the time. Therefore, you should consider downloading a dedicated anti-malware program, like Malwarebytes or HitmanPro.
This type of software is designed to detect malware that might go undetected against regular antivirus software.
Malwarebytes and HitmanPro are both really good alternatives to run alongside your antivirus software.
The software won’t interfere with the antivirus software. Additionally, chances are it might detect malware where the antivirus fails to recognize it.
Has your anti-malware detected a harmful file on your Windows device? Read my post on how to delete malware from your Windows machine.
In most cases, a webcam has an external notification light that will tell you whether the webcam is on or off. For example, a flashing notification light when you’re not using the webcam should ring the alarm bells.
It could be a technical issue, but I wouldn’t be surprised if it has something to do with a compromised webcam.
If your webcam suddenly starts to act strangely, such as a constantly-blinking webcam notification light, search the specifics of the behavior on Google in order to find out what has happened and what could’ve caused it.
Perhaps running an anti-malware scanner at this point isn’t a bad idea.
Update Webcam Software
Similar to any other type of software, when the software is outdated, it’s vulnerable to hackers and exploits.
Webcams are devices controlled and designed by firmware, like other independent electronic devices, such as drivers, network cards, scanners, etc. That means that hackers can easily exploit vulnerabilities in outdated firmware.
Software developers will patch out vulnerabilities in software updates, so make sure to keep an eye on the news in regards to such updates.
Change Your Webcam’s Default Settings
Are you using an external webcam? Then this section applies to you.
External (or standalone) webcams are configured with standard default settings before they leave the manufacturing plant. The manufacturers export their products, which contain the standard default settings like username (admin, for example) and password.
The only way to configure these standard settings and change the default admin and password is to either use the installation CD or download the software on the manufacturer’s website.
It’s definitely possible for hackers to gain access to your webcam. It could be done via a phishing email, a malicious link or file on a social media site, or outdated and vulnerable webcam software.
Just because hackers can gain access to your webcam doesn’t mean that you’ve already fallen victim.
But, it’s better to leave no stone unturned and simply take all the safety precautions that I listed in this article in order to protect yourself.
Mark Zuckerberg and James Comey surely took these safety precautions, so why shouldn’t you?