Bluejacking is a cyberattack during which an attacker sends unauthorized messages to Bluetooth devices in the area. Because Bluetooth has a small range, bluejacking is only possible when a person is within 10 meters of an attacker. Bluejacking messages could include unsolicited pictures, audio files, business cards, or promotional information. While bluejacking is typically harmless, an attacker could potentially share a link to a harmful website that aims to infect the device.
How bluejacking happens
- A bluejacker uses a Bluetooth scan to find Bluetooth-enabled devices nearby (e.g., smartphones, laptops, or smartwatches).
- Once they discover the recipient’s device, they select it and pair their own with the recipient’s device.
- The attacker then crafts and sends a message to the paired device.
- The recipient receives the messages immediately, as long as they’re still in the range.
Where bluejacking occurs
- Shopping malls
- Public transport (e.g., trains, buses)
How to prevent bluejacking
- Turn off Bluetooth on your device when you’re not using it.
- Change your Bluetooth settings to private. Bluejackers won’t be able to discover your device or connect to it.
- Keep your devices up to date. Bluetooth has many vulnerabilities, so it’s important to get the latest updates to safeguard against them.