Smartphones Cybersecurity: Mobile Security Threats
Our smartphones—who can still live without them?
We’ve reached the point that more people are using smartphones than computers in today’s market. Many people use their smartphones as they would a PC. We open our emails, bank accounts, do online shopping, social media accounts, and more. The more tasks we do on our phones means that more personal data is being stored on them, and since cyber criminals know this, for some time, they had been relentlessly seeking out ways to attack using a mobile platform.
- 1 5 Types of Mobile Attack Methods
- 2 9 Smartphone Security Tips
- 2.1 Use a screen lock
- 2.2 Turn Off Geotagging
- 2.3 Protect your Android SIM card with SIM PIN lock
- 2.4 Wi-Fi Protection
- 2.5 Bluetooth
- 2.6 Be careful in downloading applications
- 2.7 Internet browsing
- 2.8 Install mobile antivirus
- 2.9 Remote Wipe
5 Types of Mobile Attack Methods
There are lots of ways that malware can sneak onto your phone. Here are some ways:
It is the most common attack method and usually hides using a fake app. Mobile malware can install spyware, steal or delete data, hijack your text messages and other apps, and can even lock your phone and hold it for ransom.
Common on the internet landscape, and you don’t need to install any app to be a victim of phishing. Phishing scams are most generally sent via email or text messages. The main intent of phishing scams is to try to get you to disclose your personal information. Be aware of shady emails from banking and financial institutions that have a call to action, such as clicking on a link to enter your account credentials.
In addition to trying to get you to give away your personal information, there will be attempts to get you to download mobile malware. Always be careful about clicking on links from unknown senders or suspicious-looking messages from informal institutions that don’t look quite right. Examine the sender’s email address- that can sometimes be a dead giveaway. Phishers like to try to spoof recognizable companies’ email addresses.
On mobile devices, phishing scams are taking the form of SMS or text messages that trick users into revealing details, such as passwords. Known as SMiShing, this involves users receiving a message that urges them to call a phone number. When the user calls, data on the phone is easily extracted. Both the user and the organization may not even be aware of the breach, especially if no security software is used on the mobile device.
The best defense from SMiShing is to educate users not to take calls from unknown text messages, especially if the phone number seems suspicious.
Outdated Device and App
Always update your software and apps as soon as there’s an update available, so these security holes are patched quickly.
Wi-Fi Intrusion/Network Spoofing
A mobile device is only as secure as the network through which it transmits data. In an era where we’re all always connecting to public Wi-Fi networks, that means our info often isn’t as secure as we might assume.
Read here: Public Wi-Fi Security Tips for Dummies 2020
Physical Device Breaches
A lost, stolen, or unattended device can be a significant security risk, especially if it doesn’t have a strong PIN or password and full data encryption.
In case you lost your mobile phone, immediately log out from your social media device. There’s an option in the setting of social media that allows you to logout from other devices. Change your passwords in the apps you have in your lost/stolen mobile.
9 Smartphone Security Tips
Use a screen lock
New smartphones have one up to four different ways of security lock. There’s some debate as to which ones are more or less secure. For now, it’s important just to know your options:
- Lock Pattern- a personalized shape or pattern that is drawn on the screen to grant access. The disadvantage is that if your display easily pics up fingerprints, it might reveal simple patterns. Use a more complicated pattern to be more secured.
- Fingerprint– If your phone has a fingerprint sensor, you can use your fingerprint to unlock your phone, authorize purchases, and unlock certain apps.
- PIN code – offers as an alternative from a screen lock and can save time.
- Full Password – Just like signing into your email account or any other account you have, this is likely the most secure option. The disadvantage is that it will take longer to access your phone.
- Face Unlock – Some phones might have even more options for lock-screen security. Most newer phones with front-facing cameras should have an option for Face Unlock, though it might not be as practical for typical usage (for instance, you may have trouble unlocking your phone in low light, and someone with a photo of you could use that to open it).
- You can use remote tracking if you lose your phone. On Android, it is called ‘Find my Device,’ and on Apple iPhone, it is called ‘Find my iPhone.’ From here, you can remotely disable your phone if needed.
Turn Off Geotagging
Many smartphone social networking apps automatically upload photos to the Internet. The problem with this is that many phones embed location tags, also called “geotags,” right into the photo files themselves.
The geotagging feature can be turned off on most phones, which gives you privacy and ensures that you can’t be found by someone you might not wish to be seen by.
How to disable geotagging on iPhone’s Camera app?
- Launch Settings from the Home screen of your iPhone or iPad.
- Tap Privacy. You’ll have to scroll down a bit to find it.
- Tap Location Services.
- Then tap the Camera.
- Tap Never.
How to disable geotagging on Android’s Camera app?
- Open the camera
- Tap the gear icon for the settings menu
- Toggle the “Location tags” setting.
Protect your Android SIM card with SIM PIN lock
A SIM card typically comes with a default PIN, but it’s not used for locking purposes. The SIM card also has an associated PIN Unlock Key (PUK). If you attempt to do a SIM PIN Lock, and you fail to guess the original PIN, the SIM will be locked with the PUK. If you run into this situation, you’ll most likely have to log into your mobile account to retrieve this information.
To prevent someone from using your sim, set up a SIM card lock in the form of a PIN that will need to be entered when a phone is turned on to connect to a network.
Always switch off your wireless connection when you are not using it. It ensures that people can’t connect to a device without your knowledge. It’s also worth checking your phone’s network security settings as it might be configured to automatically connect to a network when in range without you knowing.
Put a password in your home Wi-Fi. If using mobile wireless or a hotspot, be careful of malicious connections that look very much like a legitimate hotspot from a large company.
Read here: Public Wi-Fi Security Tips for Dummies 2020
Ensure that Bluetooth is turned off when not in use. Set the Bluetooth configuration to ‘non-discoverable,’ so that people searching for nearby devices can’t see yours.
Any unknown requests that pop up through a Bluetooth connection, such as an offer to ‘pair with a device’ should be ignored or declined.
Be careful in downloading applications
The surge in malware relating to smartphones has increased the need to be cautious when downloading apps, and to pay attention to the requirements that any software requires when you install. It can be effortless not to read anything to get the app up and running, but be careful of any demands to access various features of your phone, mainly if the app isn’t well known.
Be careful when accessing a web browser on your smartphone as it can be easy to accept messages that pop up. For example, agreeing to save user details and passwords might make it easy to remember for later, but unfortunately, others can do the same if they gain access to your phone.
Make sure you always look at the URL and make sure the ‘HTTP’ has an ‘s’ at the end. This ensures that the URL you are about to click on is secure. We also recommend that you check for any spelling mistakes in the URL to avoid phishing.
Install mobile antivirus
Many antivirus companies now offer free versions of their commercial mobile products and also protection for multiple PCs and a phone, for a yearly subscription. Install an antivirus on your phone to avoid infecting your device.
If the worst happens and your phone is lost or stolen, you may want to protect your data by wiping data quickly and remotely.
Many operating systems have a range of third-party, dedicated remote wipe applications to choose from.
Don’t be paranoid and stop using your smartphone for fun and convenience. Any new technology needs a new lesson in safety. Just remember these tips, and you can confidently enjoy the use of smartphones.