Having access to the web, our personal documents and a host of apps while messaging with friends and family — all in the palm of our hands — is a luxury that’s easy to take for granted. Today’s mobile devices are more than telephones; they are personal computers, digital banks, wallets and GPS navigators. This all means our phones store a large amount of personally identifiable information (PII) that attackers are looking to steal and misuse.
As cybercriminals continue to target personal smartphones, developing strong mobile security habits is vital to your digital safety and security.
What are the signs a phone has been breached?
Hackers can try accessing your smartphone in a variety of ways. Phishing is a common tactic that aims to trick you into handing over money or personal information by impersonating a trusted person or official. Through a successful phishing attack, a cybercriminal can use your personal information to access your private accounts. A phishing attack could also lead to unsafe apps and malware being installed onto your device, making your data accessible to attackers.
Fake apps and websites also present a threat to your digital security. Visiting the wrong website or downloading a malicious app on your smartphone can give a cybercriminal access to the information on your device. Furthermore, some malware can give hackers control over your smartphone’s basic functions, such as texting or making calls.
If your smartphone is infected, it may show sudden erratic behavior that affects your calls, texts and apps. Some viruses run in the background of devices and are harder to detect. Other signs to watch for include:
- Shorter than normal battery life
- Sudden data usage increases
- Slower operation than usual
- Programs stalling or being unresponsive
You should also watch for unauthorized charges on your bill or to the credit card accounts you’ve connected to the device.
Keeping your data protected
Even legitimate apps can pose challenges to our digital privacy and protection. Before zipping past the terms and conditions and pressing "download," take a moment to consider their digital privacy. Some apps collect user information, such as location and browsing history. While this data is gathered mainly to push advertising to mobile users, it can also be sold — and there may be privacy risks that could lead to identity theft depending on who's buying the information.
Fortunately, there are effective ways to enhance app privacy for mobile devices:
- Read before you download: The terms and conditions included with apps are usually so long that most people skip them, but they're worth a closer look. These agreements include your permission to access certain types of information on your device, including contacts, device location, calendar data and call logs. Some apps access only what they need to function — such as a GPS app that taps into your location data — but others gather data that's not needed for the app. Unless the access is needed for the app to function, you should decline permission.
- Check the developer’s reputation: Even if the terms and conditions seem non-intrusive, do some research to confirm that the developer or company producing the app is legitimate. App stores may include information about who created the app along with links to that person or business. Visit the website to confirm contact information, including an email address for support issues. App fraud and scams are increasingly becoming a concern, so do your homework, especially when investigating banking or financial apps.
- Read reviews: User and media reviews often deliver insights on app usability issues and glitches, and may also be helpful for spotting privacy concerns. For example, reviews about kids' apps not only give information on what kind of data is collected, but also bring up privacy and security concerns you may not have considered.
- Keep your operating system updated: Some malicious apps take advantage of flaws in older operating systems, especially those that haven't been fixed with a software update. Stay on top of security patches and updates for all of your devices.
Secure your logins
As much as you want to protect your device from cyber threats, remember that the physical device can put your data at risk if it is lost or stolen. That’s why you should lock your phone when not in use. Whether you use a private PIN, facial recognition or thumbprint scan to unlock it is up to you, but any of these options will make it more difficult for a bad actor to access your device’s information when you’re not looking.
Similarly, you should secure the accounts you access via your device by upgrading your passwords. Every account should have its own unique password or passphrase — otherwise a cybercriminal could access multiple accounts with just one compromised password. And the more complicated the better. The typical 8-character, memorable password can be hacked by a cybercriminal in just two minutes, where as a complicated, scrambled passphrase would take nearly 16 million years. A secure passphrase consisting of at least 12 characters of mixed upper- and lower-case letters, numbers and characters, and which is difficult to guess, provides much more security.
Added safety from mobile VPNs
A virtual private network (VPN) establishes a private network connection between your device and any Wi-Fi connection or public network you are connected to. A VPN encrypts the data transmitted to and from your device, making it more difficult for cybercriminals or unauthorized third-party users to track your online presence or intercept/access your personal information.
Mobile VPNs maintain a constant connectivity, allowing you to jump between different internet connections without interruption, all while masking your IP address and your location. For those who work virtually or travel often, it is commonly known that public Wi-Fi networks are often insecure and vulnerable to attacks. Running a mobile VPN on your smart device keeps your data more securely protected from potential threats while connected to unsecured networks.
Enhanced mobile security
Protecting your smartphone is not only essential for ensuring the digital safety and security of your sensitive personal information, but also for your financial information, healthcare data, online activities and your personal photos, files and conversations. Implementing these low-investment strategies today could help save yourself from the headache of a mobile security issue tomorrow.