Bluejacking

Bluejacking is a term that is used to describe the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, laptop computers or PDAs, by sending a vCard that normally contains a message in the name field to another bluetooth enabled device via the OBEX protocol.

Bluejacking was reportedly first carried out by a Malaysian IT consultant who used his Ericsson mobile phone in a bank to send a message to someone with a Nokia 7650. He created a new contact and filled in the first name with 'Buy Ericsson!' and sent a business card to the Nokia phone. He then posted the story on a mobile Web site and gave it the name Bluejacking (taken from the words Bluetooth and hijacking).

Usually, a Bluejacker will only send a text message, but with modern phones it's also possible to send sounds or images as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames. It is also commonly used simply as a prank, to send messages to unsuspecting strangers in public places. Victims could be enjoying a drink in a coffee shop when their mobile phone beeps to announce they have received a business card. The surprise 'business card' might contain a message such as 'nice cappuccino!", leaving the recipient bewildered and the prankster highly amused.

Bluetooth technology allows a prankster to be out of direct line of sight and still send a message. Bluetooth has a very limited range, usually around 10 metres on mobile phones, but laptops can reach up to 100 metres with powerful (Class 1) transmitters.

Bluejacking should not be confused with Bluesnarfing, which is the illegal hacking of Bluetooth devices to steal personal information.

Many tools have been developed for Bluejacking, such as bluesniff, which seeks out hidden Bluetooth devices, enabling users to find potential 'victims'. One of the most commonly used Bluetooth software is bloover, which allows users to seek then send unsolicited messages to unwary Bluetooth devices.