Bluejacking...

Bluejacking

            Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e. for bluedating or bluechat) to another Bluetooth enabled device via the OBEX protocol. Bluetooth has a very limited range; usually around 10 meters on mobile phones, but laptops can reach up to 100 meters with powerful transmitters. Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does not involve the removal or alteration of any data from the device. Bluejackers often look for the receiving phone to ping or the user to react. In order to carry out a bluejacking, the sending and receiving devices must be within 10 meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in non-discoverable mode are not susceptible to bluejacking.

Mobile phones have been adopted as an everyday technology, and they are ubiquitous in social situations as users carry them around as they move through different physical locations throughout the day. As a communicative device, the mobile phone has been gradually taken up in ways that move beyond merely providing a channel for mediated conversation. One such appropriation is bluejacking, the practice of sending short, unsolicited messages via vCard functionality to other Bluetooth-enabled phones. To choose the recipients of bluejacks, senders complete a scan using their mobile phones to search for the available Bluetooth-enabled devices in the immediate area. A bluejacker picks one of the available devices, composes a message within a body of the phone’s contact interface, sends the message to the recipient, and remains in the vicinity to observe any reactions expressed by the recipient.

      Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.

Origins

       Bluejacking was reportedly first carried out between 2001 and 2003 by a Malaysian IT consultant who used his phone to advertise Ericsson to a single Nokia 7650 phone owner in a Malaysian bank.^[1] He also invented the name, which he claims is an amalgam of Bluetooth and ajack, his username on Esato, a Sony Ericsson fan online forum. Jacking is, however, an extremely common shortening of "hijack', the act of taking over something. Ajack's original posts are hard to find, but references to the exploit are common in 2003 posts.

Another user on the forum claims earlier discoveryreporting a near-identical story to that attributed to Ajack, except he/she describes bluejacking 44 Nokia 7650 phones instead of one, and the location is a garage, seemingly in Denmark, rather than a Malaysian Bank. Also, the message was an insult to Nokia owners rather than a Sony Ericsson advertisement.

Usage

       Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

        Bluejacking is also confused with Bluesnarfing, which is the way in which mobile phones are illegally hacked via Bluetooth.

Techopedia explains Bluejacking

    Bluejacking does not involve device hijacking, despite what the name implies. Thebluejacker may send only unsolicited messages. Hijacking does not actually occur because the attacker never has control of the victim’s device. At worst, bluejacking is  an annoyance. Bluejacking exploits a basic Bluetooth feature that allows devices to send messages to contacts within range.

      Bluesnarfing and bluebugging, however, are actual attacks that may result in a user losing control of his device. Although bluejacking, bluesnarfing and bluebugging use Bluetooth as the point of entry, bluesnarfing and bluebugging are far more harmful. Bluejacking can be prevented by setting a device to hidden, invisible or non-discoverable mode.