Given that most of us carry our smartphones 24/7, you’d expect them to be secure 100% of the time. You’d be wrong.
Security threats to our mobile device are here to stay, and even more concerning – they’re on the rise. In 2016, McAfee reported detections of 100-1000 malware infections per hour in the US and several other countries worldwide. In late 2016, they predicted ransomware would pose a significant threat through the first half of 2017. In the same report, McAfee predicted Adobe Flash being the main target of zero-day vulnerabilities. The following seven steps can help you mitigate some of the most preventable cyber-attacks on your mobile phone.
1. Don’t use a jailbroken device
Starting with the obvious drawback, jailbreaking a phone voids all warranties from the manufacturer and your mobile service provider. Secondly, mobile devices have embedded security features that become exposed and vulnerable once the device is jailbroken. Once these security features are removed, protected data becomes vulnerable as the validation on several apps disappears. If you decide to jailbreak your device, make sure you have the technical savvy to apply your own security protection to your device, such as changing the Root password of your phone if you’re using iOS. While jailbreaking your phone allows you to supercharge your security features and turn off your GPS tracking, the limitless array of pirated apps and software available to you can be riddled with malware and spyware, ultimately defeating the purpose of seeking enhanced security. Don’t throw out the baby with the bathwater – only take the risk of jailbreaking your device if you’re able to plug all the security holes that come with it.
2. Keep your updates current
Make it a habit to update your apps and software. Scratch that – make it an obsession. If you were a gardener, you wouldn’t let weeks grow freely. But since you’re reading this, you’re probably not a gardener, so instead imagine that a non-updated app is like rotting food in your fridge. Refresh it now or you’re going to have an even bigger mess on your hands.
Constantly checking for updates can be a pain, so software developers make it even easier for you – they push updates quite often and give you an alert. Don’t ignore these alerts – they’re for you. iPhones give you the option to update the software overnight, so you don’t even need to think about it. Keeping your device up-to-date is a good security practice that will ensure your apps and features are working and security vulnerabilities are patched. Outdated software leaves your device vulnerable to malware, ransomware, and not-fun headaches to deal with.
3. Only download apps from the official app store
Whether you are a Windows, Android, or iOS user, always make sure to download apps directly from the official app store for your platform. Official app stores (and third parties) constantly check the software for suspicious code and remove infected apps.
3rd party stores, download sites and P2P file swapping services lack the oversight and accountability that official stores carry. Installing apps from these can potentially give an attacker the opening they need to slip their malicious code into an unauthorized copy of an app from the app store, and downloading one of their apps is an invitation to hack your device. If you feel tempted to download an app from a website, check to see if there is a similar app on the app store.
4. Use password protection
When you get a new phone, you’re prompted to set up a secure password to unlock it. Don’t skip this step – not only is it very easy to do, it’s the first layer of protection for your phone if it gets lost or stolen. You can upgrade your phone’s security by using a fingerprint lock, which you may find to be a more convenient way for you to unlock your phone. Password protection will serve as the physical security portion of protecting your smartphones and other mobile devices. You can also install app lockers to give individual apps an extra layer of protection.
In addition to password protecting your device, you may want to consider encrypting your phone’s data, which can keep sensitive data such as your banking apps private.
5. Install mobile security
While apps are more isolated on mobile devices than PCs, this step can help make sure your devices are secure from malicious websites and apps. You can find security apps from your app store that can protect your phone for free or at little cost. The top types of recommended mobile security apps are a VPN, antivirus/antimalware, website url safety scanner, and an app that can analyze your device and show you the permissions you have set for each app.
6. Set up a remote wipe
If your smartphone or mobile device is lost or stolen, a fingerprint password, PIN, passcode, or password may protect your device – but as we learned from the FBI iPhone saga, anyone can do this for $100. To prevent this from happening to you, you can setup a remote wipe for additional security, allowing you to wipe all data off the device remotely to prevent handing your information to a tech savvy thief. You can also track your device’s location with some remote wipe apps. Check with your service provider to see if they recommend any remote wipe apps or have the capability to do this for you.
7. Be vigilant against social engineering attempts
Cyber criminals often develop fake banking apps and emails in an attempt to lure you into giving up your personal data. The first thing you should do is make sure you’re able to spot a phishing email. Be skeptical about any communication sent to you from anonymous sources and URLs other than from your bank. If you receive a text claiming to be from your bank, make sure to call your bank to verify the authenticity. But, don’t call a number that was texted to you. Call your bank’s official number. Never reply to a suspicious text and immediately report any suspicious activity to your bank and service provider. Lastly, make it a habit to periodically check your bank and mobile service accounts for suspicious activity. Not doing so could cost you…