Valery Fadeev, Chairman of the Presidential Council for the Development of Civil Society and Human Rights, recommended that Russians stop using smart speakers. In an interview with RIA Novosti, he called it a "very simple measure" to protect against fraudsters who, according to the police, can use such devices to track and extort data. Fadeev stressed that there is no need to ban technology — everyone decides for themselves whether they are willing to risk privacy for the sake of voice control. Earlier, the Department for Combating Illegal Use of ICT of the Main Department of the Ministry of Internal Affairs for St. Petersburg and the Leningrad Region warned about the possibility of using smart speakers in remote fraud schemes.
Technical risks: constant access to the microphone
Smart speakers (Yandex.Station, VK Capsule, SberBoom, and others) have a constantly active microphone that waits for a voice command. In normal operation, recording starts after the assistant is activated, but vulnerabilities in the firmware or a compromised owner's account may give attackers the opportunity to:
- remotely turn on the microphone and listen to the room;
- initiate calls through the speaker, imitating calls from a bank or government agencies;
- use the "skills" function to introduce malicious code.
According to experts, in 2025, cases were recorded when fraudsters contacted victims through smart speakers, posing as security service employees. The vulnerability is exacerbated if the manufacturer's account (Yandex ID, VK ID) is protected by a weak password or is used on multiple devices.
The measure is very simple — you don't need to use smart speakers. What smart speakers? If you want to listen to music, well, put on a disc. You just don't need to buy speakers — my advice
What to do for smart speaker owners
If you do not plan to completely abandon the device, cybersecurity experts recommend:
- turn off the microphone with a physical button when the speaker is not in use;
- use a complex unique password for the account linked to the device;
- regularly check the list of active sessions and linked devices in the account settings;
- disable the "calls from speaker" function if it is not needed;
- do not buy third-party "skills" without checking the developer.
The statement of the head of the HRC is not the first signal about the risks of the Internet of Things in Russia. Against the background of the growth in the number of fraudulent schemes using IoT devices (more than 2.5 thousand such incidents were recorded in 2025), the discussion about privacy goes beyond technical recommendations. For users, this is an opportunity to reconsider how necessary the voice interface is in everyday life, and what security compromises they are willing to accept for it.
