Smartphone Security: Why It Is Important and How To Protect Your Device
Mobile cybersecurity threats continue to grow as more and more people are using smartphones for everyday convenience and work. The need for appropriate smartphone security is crucial. Installation of applications from untrusted sources, granting permissions for unknown apps, and even the use of messaging applications can all leave a user vulnerable to attack.
Users of the WhatsApp messaging app were recently put at risk due to vulnerability of the web-based extension of the application. Roughly 200 million of the 900 million WhatsApp users are estimated to be at risk of malware exposure.
The bug in the WhatsApp web logic allows hackers to sending a user a vCard containing malicious code. A vCard is used in the app to easily trade contact information between users, so many users won’t think twice before opening one. Once the corrupted vCard is opened, the user’s smartphone is then vulnerable to various malware, including bots and ransomware. The truly frightening part of this problem is the ease in which a hacker can carry out these attacks-all they need is the phone number of the WhatsApp user.
Mobile threats are not solely restricted to stolen information-mobile device users are at risk for many different kinds of attacks, and messaging apps are a common way for hackers to take advantage of users. Just recently, messaging apps were used to trick investors into buying worthless stock by sending out deceptive messages regarding the stock in question with the app’s mass messaging feature. This is known as a “pump-and-dump” stock scam and can cost investors big bucks.
As in the case of these investors, the rise of the “mobile workplace” has drastically increased the use of smartphones. In addition to the volume of people using their smartphones for work, they are also using a multitude of different apps for everyday convenience. Unfortunately, we are not always taking the same security precautions that we would take on our home computers. With a slew of automatic updates coming through every day on our smartphones, we have become accustomed to just hitting “ok” without thoroughly checking it all out. Criminals use this to slip through the cracks and before you know it, your device has been compromised and your information is in the wrong hands.
Before you can truly understand what types of security measures should be taken on your smartphone, it is important to understand the three most common mobile security breaches:
1. Device loss and theft. While losing your smartphone can potentially lead to a compromise of your personal data, the biggest danger is theft of the phone itself and the charges that a thief can rack up with phone calls and purchases (never store your credit card information in mobile applications, for this exact reason). Using a password on your phone can prevent a lost device from becoming an even more costly mistake.
2. Malware. Be very wary when downloading software onto your mobile device. They are just as vulnerable to malware attacks as your personal computer. Malicious malware can cause all sorts of problems, including spam emails and harvested passwords.
3. Unsecured networks. Many businesses boast free Wi-Fi now, so you can conveniently connect while sipping coffee at Starbucks or waiting for hours before a flight at the airport. However, hackers see yet another opportunity in the world of free Wi-Fi, and often set up rogue Wi-Fi networks to trap users in public places. This is more common in other parts of the world, such as Asia, so use caution if traveling overseas.
Now that you understand the need for adequate security on your smartphone, check out the following mobile security tips from the FCC:
- Use passwords. Take a few minutes to set up some PINs and passwords on your smartphone. Set a PIN right on your lock screen, and try to set a different password for each of your important mobile applications, such as banking, email, personal information, etc.
- Don’t change security settings. It may be tempting to change some of your original factory security settings in the name of convenience, but doing so is a bad idea (as is jailbreaking and rooting), as it can make your phone more vulnerable.
- Backup data. Backup important documents, photos, and contact information that is stored on your phone either in the cloud or on removable storage. This ensures that you will not lose important data if your phone is lost, broken, or stolen.
- Only install trusted apps and understand permissions. Do some research before installing new applications-check reviews and confirm that the app sponsor’s official website matches that of the app store link. Also read through the permissions associated with each application you install-you should avoid apps that require access to your personal information.
- Install locating and wiping security. Many phones have a built-in security feature that allows you to locate a lost or stolen phone and remotely wipe the information from the device. If your phone does not come equipped with this security feature, you can install an app that does the same thing.
- Always update your operating system. Enable automatic updates from your service provider or device manufacturer to ensure that your operating system stays up-to-date.
- Limit use of local hotspots. As we mentioned earlier, open Wi-Fi networks are a big target for criminals.
- Wipe data before selling and report stolen smartphones. If you are planning to sell or donate your smartphone, be sure to wipe all of your personal data from the device and restore the factory settings. Be sure to report stolen phones to the local authorities and the wireless provider, as major providers and the FCC have established a stolen phone database to help prevent your device from being activated on another network.
In our current fast-paced, technology driven society, it is easy to forget something as simple as mobile security. Try to keep these tips top of mind! Want to know more? Contact us for more information regarding mobile cybersecurity.