What Is Shoulder Surfing?

Date First Published: 19th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Computer Terms & Definitions

Difficulty: Easy

Difficulty Level: 3/10

Learn more about what shoulder surfing is in this article.

Shoulder surfing is the practice of looking over someone's shoulder to steal their sensitive information, including passwords, card numbers, and PINs. It can be done by looking directly over someone's shoulder at close range, or from a long distance using binoculars or other vision-enhancing devices.

Shoulder surfing allows an attacker to physically view the device screen to obtain personal information and requires them to be near the target. They will often wait until the target is rushing or unaware of their surroundings. Shoulder surfing is becoming a common tactic for stealing confidential data because no technical skills or deception tactics are required.

Examples Of Shoulder Surfing

Below are three examples of shoulder surfing:

  1. You are sitting near someone in a coffee shop and typing your username and password on your phone to log into your email account. This allows them to sneakily look over your shoulder and copy down your username and password without you knowing.
  2. You are in a town centre, entering your PIN at an outdoor ATM to withdraw cash from your account. As you enter your PIN, someone behind you watches you tap it in. They then record your full PIN and watch where you put your debit card. When you are not looking, they sneakily steal your wallet, which has your debit card in it, allowing them to make purchases in your name.
  3. You are in an airport and are paying a bill online using a public Wi-Fi network, which is already unsafe as hackers may be able to intercept private information shared over the network. However, someone behind you has a clear view of your screen by looking over your shoulder and records your card details, allowing them to purchase items in your name.

Where Does Shoulder Surfing Happen?

Shoulder surfing can happen in any public place, but it is more likely to happen in busy places because it is easier for the attacker to observe the target and blend in without being easily detected. Examples of busy places include:

  • Coffee shops
  • Bars and restaurants
  • Airports
  • Public transport, like buses and trains
  • Large workplaces
  • Hospitals
  • Town centres

How To Prevent Shoulder Surfing?

The consequences of being a victim of shoulder surfing can be very serious. Attackers can steal usernames and passwords to gain unauthorised access to your accounts, access confidential data, and steal your financial information to commit bank fraud. Recovering from identity theft/fraud can take weeks, months, or even years, so prevention is much more important than recovery. Below are five steps you can take to prevent shoulder surfing.

  • Use two-factor authentication for your electronic accounts. Although this won't prevent shoulder surfing, it will prevent the attacker from accessing your electronic accounts without your permission by adding an extra layer of security, like a four- to six-digit verification code, or a secret question and answer. Even if the attacker obtains your username and password by looking over your shoulder, they would not be able to gain access to your account as they wouldn't be able to get past the second security check. You don't need to eliminate passwords, but you should consider using two-factor authentication, if possible.
  • When entering sensitive information in a public place, sit with your back to the wall, if possible. That way, it will be impossible for anyone to sneakily look over your shoulder unless they are right next to you.
  • Always be aware of your surroundings. In busy public places, don't ignore your surroundings. If you get distracted or are in a rush, you might not notice someone behind you looking over your shoulder.
  • Use a privacy screen protector for your devices. This is a sheet placed over your screen that will make it harder for anyone to see your screen from far away. You will be able to see your screen, but it will obscure the visibility of the display from anyone further away.
  • Use a password manager. By using a password manager, you will no longer have to separately type each password. After you have entered the master password for your password manager, it will enter the passwords for you, so attackers won't be able to peek at your keyboard input to find out your password.

