Cell phones are easily the most utilized mobile devices in our possession. They are deeply embedded in our everyday lives and activities, and with countless social, personal, and business functions built into our habits and routines, they have become indispensable.
The amount of personal and business information a cell phone contains is enormous. This includes our banking credentials, health and lifestyle data, photos, phone communication, location at any time, and email. Almost nothing is excluded. All this information is like catnip for hackers
We have been conditioned to concentrate our cyber efforts directed towards computer security or specific applications such as email. Cell phone security is usually relegated to the bottom problem step in the ladder of issues to secure. We assume that Apple and Google will protect us and not allow anything bad to be installed on mobile devices. However, those companies could not protect us from our actions that compromise the security of our mobile devices.
Threats to Watch Out For
Web-based threats
Most web-based attacks occur via email or text messaging apps through phishing. Attackers will send an email or message that contains malicious links or attachments for users to download. When a user clicks on a link or downloads a file, it triggers the installation of malicious software on our phone.
Pay attention to the sender's information. Do not download attachments or click on links unless you are confident of who it came from.
App-based threats
The majority of security threats originate from downloaded applications. Hackers create malicious applications that we download. Those applications can steal data from our phone, steal our passwords or transfer money from our bank account.
Do not download applications from unofficial app stores, only from trusted providers
Do not download applications until you need them
Deny permissions, such as camera, location, microphone unless they are essential for the application’s function and purpose
Do not provide login credentials for another app (for example, if a utility or gaming app asks for your Facebook credentials to login, this is a red flag)
Delete apps you don’t use
As alluded to earlier, we should not feel a sense of false security when using the official app stores. Even the professionals at Google and Apple miss malicious apps. Recently, about 400 malicious Android or iOS mobile applications were found to have posed as legitimate software on Google Play and the Apple App Store over the past year, masquerading as photo editors, VPNs, phone utilities, health and lifestyles trackers, games and even flashlight apps, designed to steal user credentials. As many as 1 million users were impacted. All detected malwares have been removed and blocked. However, it is an ongoing threat that we all must be alert to.
Physical threats
Cell phones are small and easy to lose, steal or possess by someone else when unattended.
Use strong passwords, biometric authentication, and set a screen lock for the device to lock itself when not in use. Tracking software will help to recover a lost or stolen device.
Network threat
A network attack occurs when hackers access your mobile device via unsecured public Wi-Fi. Hackers might also set up a fake Wi-Fi network to trick you into using it.
The moral is, stay away from free Wi-Fi hotspots, and never fill in requests to create user ID/Password accounts in order to connect. If you have to use those services, reduce your activities. Do not connect to banking applications or social media and do not make online purchases. Connecting through a virtual private network (VPN) will also add a layer of encryption so no one can intercept your data. However, it is always best to start with a secure network connection.
What else can you do?
Stay on top of OS updates
It is vital to install the latest mobile operating system updates on your devices. In addition to introducing new functionality and resolving bugs, they provide essential security patches necessary for keeping your data safe. A rapid security response to ongoing identified threats is critical to maintaining good cybersecurity hygiene. To check if your phone’s OS is up to date, go to “About phone” or “General” and click “System updates” or “Software update.”
In closing…
Do your best. Ask Questions. Proceed with a sense of diligence and attention to security.
The following infographic provides a helpful visual outline of security ‘checkpoints’ that we should all be aware of as we continue to face many adversaries on the path of cybersecurity.
Mobile Device Best Practices Guide, National Security Agency.
Comments