subscribe: Daily Newsletter


The risks concealed in popular apps


For the modern users, the whole world is on their smartphone: they speed-date online with Tinder, book an overseas pad by using Airbnb, and even try to get pregnant with the help of such popular fertility apps as Glow.
In fact, users have become so accustomed to getting what they want when they want it they tend to ignore a huge risk that comes with using these digital apps: a risk to your online security and privacy.

NordVPN gives a overview of major risks that come with using some of the most popular apps, and explains how to avoid them.



Airbnb has around 600million users around the world, and about 500 000 people use its services each day. Challenging hotel industry, Airbnb has a dedicated and constantly growing user base.

Problem. From online security perspective, one of the biggest risks of Airbnb service is unsecured WiFi that travelers connect to at their hosts’ apartments. Most often, these are open WiFi networks that are extremely easy to hack into ¬ even more easily than open networks in airports or coffee shops, since open home networks give a chance to the homeowner as well as previous guests to take over the network.

Solution. Use a VPN (virtual private network). VPNs encrypt your internet connection, assuring your privacy and security when surfing the web.. . They are the best security mechanism you can employ to make sure your data is safe.



Tinder is an extremely popular dating app with around 50-million users around the world and 10-million daily users. The location-based app allows a user to select their “matches” from hundreds or thousands of users in their area.

Problem. Tinder has been criticised for displaying user’s GPS coordinates, and has since replaced it with precise distances, which can still be very revealing of one’s location. In addition, Tinder keeps users’ private information even when they deactivate their accounts. Recent research has shown that it is very easy to steal Tinder¹s user information by using a fake profile.

Solution. Be careful how much private information you enter into any app. It’s advisable to divulge as little personal information as possible.



Glow is a fertility app that takes credit for thousands of pregnancies. It uses algorithms to track a woman’s period, orgasm frequency, preferred sexual positions and much more.

Problem. According to Consumer Reports, the app makes it very easy for stalkers, identity thieves or online bullies to log on and take control of any Glow’s users account and her private information. The company has since fixed some major privacy concerns, but some still remain. For example, the company shares personal user’s information with third parties without even asking for permission. In addition, the app encourages a woman to link her profile with her male partner’s, with no option to block a man who requested to link profiles and access all her information.

The company says it’s fixing its security loopholes. “We appreciate Consumer Reports bringing to our attention some possible vulnerabilities within our app,” says Jennifer Tye,Glow’s head of US operations. “The industry only gets stronger with white hats who are looking to protect consumers.

“Once informed, our team immediately worked to address and correct the potential issues and have since released an updated version of the app. We also informed users via email to consider changing their password as an extra precaution. Of the more than 4-million users across our apps, far less than 0,15% of our users could have potentially been impacted, but there is no evidence to suggest that any Glow data has been compromised.”

Solution. If you want to make sure your intimate information is safe, wait till Glow fixes its current security loopholes.


Pokémon Go

Pokémon Go, the wildly popular computer game is taking the world by storm. It’s free, exciting, nostalgic and interactive.  Users can download it for free on Android and iOS devices.

Problem. First of all, Pokémon Go requires to login using Google credentials. When users sign in through an Apple device, they must be careful to choose the right permissions not to y give Niantic, the game developer, full access to their Google Drive. If a user gives permission, then Niantic could technically use anyone¹s identity to send emails, share their information or photos. Secondly, since Pokémon Go is not available in every country, it¹s shared through file sharing websites, and can possibly infected with malware. One known variant of the shared version infects Android devices and allows hackers to access them. Hackers can then download user¹s data, steal their identity or banking information, send emails on their behalf and so on.

Solution. Make sure that you give the right permissions when you sign in, and that your Google account has a very strong password. Don’t download unofficial versions of the game. Don’t fall for the sites that offer free goodies for your Pokemon Go – they are probably set up by hackers.


Fake apps and web sites

Problem. Cyber criminals, attracted by huge number of people that use these apps, are known to create websites that look exactly like Tinder, Airbnb or Glow in order to get users’ personal and financial information.

Solution. The first thing you should always see while making an online payment is whether the payment gateway has an https URL. This means that it is a secure protocol and your data is encrypted properly. Also, be wary whenever a website requests for more information than is usually required, like your Social Security number or any other kind of personal information. In addition, perhaps the most basic requirement for any online account set up is using strong passwords. Weak passwords make it simple for hackers to break into your account.