Those flashlight apps more than 500 million people have downloaded onto their cell phones are spying on them.
So are the Bible apps and most other apps downloaded for free onto phones and tablets. The app developers know where you are, your phone number, your friends and can even take your photo and record your conversation.
Those who don't use apps still can be targets of cyber-theft.
In South Mississippi, police said, two women have had their credit card numbers digitally pick-pocketed while they shopped -- though their purses were never opened. A woman filed for her tax refund, then learned from the IRS someone else had used her Social Security number and claimed her refund. Skimmers hidden on ATMs and gas station pumps along the Coast have stolen credit card numbers that are then used to buy high-value gift cards several states away.
Sign Up and Save
Get six months of free digital access to the Sun Herald
Cyber-crime is happening right here in increasing numbers, said Greg Cronin, president of Charter Bank in South Mississippi.
"If it hasn't happened to you yet, the percentages are very high that it will happen," he said. But there are things people can do to protect themselves.
-- Before inserting a card to withdraw cash or buy gas, run a finger across the slot. A lot of times the skimmer that would steal your number will fall off, he said.
-- "Be very aware of who or what is around you." Don't use a card if a suspicious person or situation is nearby.
-- Beware of public Wi-Fi. "It's free to everybody," he said, including cyber-thieves who will have access to credit card numbers and other information you are sending.
-- Change your passwords often, about every 90 days, and don't use simple passwords such as "password" or consecutive numbers.
-- Sign up for text or email alerts when a transaction is made on your credit card or mobile banking account.
As law enforcement and the financial industry find a way to stop one type of cyber-crime, Cronin said, the "other side" is finding new ways to defraud consumers, banks, businesses, hospitals and the government.
People hear about credit card fraud at Target stores and other retailers but may not know it's happening at local stores and restaurants.
"We see a breach every week," he said. "Breaches have become commonplace."
Cyber-crime in many forms
Biloxi Police Chief John Miller said his department has investigated 244 cases of credit card fraud over the last two years -- or more than 10 a month just in Biloxi.
In December, credit cards taken out of vehicles in Ocean Springs were used at Wal-Mart and attempted at Dillard's in Biloxi. The same month, two men accused in a credit card fraud in D'Iberville made their way across the Coast using the same stolen credit card information at stores in Biloxi, D'Iberville and Gulfport.
Like bands of cyber-gypsies, groups traveling in several vehicles will pull into Biloxi and other Coast cities for a few hours or a few days. Miller said he knows they've come from Missouri, Chicago and Atlanta.
In one case, Miller's department responded to a Biloxi casino on complaints of noise and possible marijuana use. Police arrested several people from Chicago with counterfeit cards and equipment. The group was targeting casinos in Tunica and Biloxi, Miller said, but also made stops in New Orleans, Gulfport, Mobile, Orange Beach, Pensacola, Germantown, Memphis and Chicago -- "all within a month."
In another case, a woman staying at a local casino ordered room service. Before the food arrived she got a real-time alert saying her credit card was being used in Saint Louis, Mo. Miller said a person claiming to be from guest services called in to the casino, saying their computer went down and asking them to verbally repeat the last three room-service orders and credit card numbers. "They just outsmarted the casino," he said.
In all cases when a person or business owner believes they have been the victim of cyber-crime, "absolutely they should file a report," Miller said. If the crime is committed at a local business, the police will go get a video that may help them catch the cyber-thief or be able to link it to other crimes.
Police across the Coast share information and resources to stop credit card fraud and cyber-criminals.
"There's no jurisdictional boundaries to these criminals," D'Iberville Deputy Chief Clay Jones said. With large shopping areas close to the interstate, D'Iberville is a target for credit card fraud and the police and merchants are taking action. A grant pays the salary of a "hot spot" police officer, who is in constant contact with D'Iberville merchants and handles shoplifting cases. The merchants have formed a network so if one store is hit by phony credit cards, "all of our stores know about it," he said.
The police department educates D'Iberville residents on cyber-crime at neighborhood watch meetings and Jones said they are well aware of cyber-threats.
Like a gun that can save a person from a burglar or be used to kill someone, the Internet can be used for good or bad, said Gary Miliefsky, CEO of SnoopWall, a counterintelligence company that detects and protects people and companies from cyber-threats.
When he discovered that flashlight and other apps were spying on consumers, he created a free program to detect and remove the bad apps. Flashlights that are built into phones are perfectly safe, he said.
Cyber-crime will be the biggest crime in the world, costing $600 billion a year, and he said the way into a network or computer can be as easy as one person opening a bad email attachment.
"The IRS lost 101,000 Social Security numbers this week," he said Thursday. The access to the system was traced to a person in the Department of Homeland Security opening an attachment with a RAT, or remote administration tool, which allows a hacker to control an account from another location.
People need to be aware when they leave their Bluetooth, Wi-Fi or pay by phone turned on, "it's a Trojan horse in your pocket," he said. Cyber-thieves can get information from 15 feet away with Bluetooth and up to a half-mile away with public Wi-Fi. Turn it off when it's not in use, he said.
What to do
Bill Hardekopf with Lowcards.com said he's amazed at how cyber-criminals keep one step ahead of the law. Converting to the chip credit cards made it harder for thieves to replicate the cards, so now he said they are moving to CNP -- "cards not present." When a person uses a credit card online or by phone the chip security doesn't do any good against the criminals, he said.
Consumers can pay for credit-monitoring services, or check their own credit scores, bank statements and credit reports, he said. "If you are diligent enough you can do a lot of those things the expensive services can do."
Don't think it can't happen to you, he said. "Cyber-crime is ageless, raceless, genderless," he said. "They just want your personal information."
If you are a victim, "the first step -- other than shrieking -- is to call your credit card company and inform them," he said. "You have to stop the bleeding immediately."
For more information
Check to see if an e-mail has a virus here.
See the FBI's most-wanted cyber criminals here.
Get tips on how individuals and businesses can prevent cyber fraud here.