Smartphones these days are capable of doing almost everything a low-end PC can do, which is why the growing number of smartphone users often choose to do their work directly from their phones. The increased activity on smartphones, especially involving Internet usage, has resulted in their rapidly increasing popularity as a target for privacy and security attacks. While uninformed users might surf the Web, socialize, transfer files, and pay their bills from the convenience of their phones, they leave their personal information, financial information, and data vulnerable to attacks. So before going for smartphone security tips let’s see what are the threat, how it is done.
Mobile phone threats come in many different forms and they are becoming more sophisticated. With the source code to operating systems available, it is much easier for developers to create malicious software or find ways to tap into your phone. There have already been many reported cases of attacks on phones via open Wi-Fi access points, Bluetooth connections, and applications, users need to take preventive measures to avoid being the target of an attack. There is also the most basic threat of physical theft resulting in data loss and data leakage for which also there are preventive measures.
What is the threat of smartphones? Top 10 Smartphone Security Tips
There is a range of ways to gain access to an unprotected mobile phone. Apart from open Wi-Fi networks, an experienced hacker can exploit our phone’s Bluetooth connectivity, 3G/4G access, or through malicious applications. Once the attacker has access, a lack of protection or poor security settings leave your data open to a multitude of threats and attacks and the increasing use of cloud services means attackers can move through the Internet faster than ever before.
The development of operating systems for different devices means the same malicious software that affected PCs can now affect your smartphone. The open nature of Android and, to a lesser extent, Windows Phone makes these OSes easier targets for viruses. Other threats include unauthorized access, increased charges through cross-service attacks, eavesdropping, and SMS spamming, all of which can lead to leakage of sensitive data and information.
How it’s done? Top 10 Smartphone Security Tips
Malware and viruses can infect a phone through e-mails, SMSes, open Wi-Fi networks, and even Bluetooth connections. The greatest mode of spreading malware, however, is through application downloads, which is of real concern specifically for Android users after a study by Juniper Networks in May 2011 revealed a 400 % increase in Android malware. Viruses can sometimes infect multiple files on a device and then spread across devices when files are transferred over the Internet or via Bluetooth.
Cross-service attacks are more a threat to the owner’s pocket than they are to data. The availability of multiple forms of connectivity on one device means an attack carried out through one interface might give the attacker access to another. For example, an attack through your phone’s wireless network interface might enable the attacker to use your phone functionality to make long-distance calls or send large volumes of messages, much like an e-mail worm that sends mass e-mails from your account.
Eavesdropping is a threat to all Internet users, irrespective of the device they are functioning from, but it is far easier for a hacker to access packets transferred between a smartphone and a server due to the lack of encryption used by mobiles. An unprotected wireless network or even unauthorized carrier-based networks can be manipulated to leak data packets to users other than the intended targets.
Another method of infection is through spam SMS. While SMS spam may seem innocuous at face value, it can be quite harmful if not dealt with correctly. Most users would think the worst a spam message could do is annoy you, but clicking through to a link in an SMS could leave you vulnerable to unauthorized downloads and infection through malicious sites. Sometimes spam SMS is sent through premium charge numbers and responding to a quiz or poll can incur high billing costs.
Top 10 Smartphone Security Tips
The security rules of mobile phone usage are similar to those of e-mail and are pretty fundamental. Never reveal personal information, credit card information, or bank details through messages. To prevent unauthorized access to your phone, you should turn off all modes of connectivity when not being used and avoid answering or responding to calls and messages from unknown sources. It is also advisable to avoid transferring files between devices without scanning them first.
Here are a few tips to help you avoid losing your valuable data or allowing unwanted users from accessing your phone.
-
Time-Lock your phone
In case you have left your phone unattended or if it gets stolen, you do not want to let unauthorized users get easy access to your phone. While it might seem quite obvious, a lot of smartphone users stick to the default screen lock on their device, which means anyone can unlock and use their device with ease. Depending on the device you are using, there are screen lock applications available that you can download or you can even set up your phone to request a PIN or password to enable access. Android phones offer a grid screen lock that requires you to swipe the dots in the correct pattern and you can get similar applications for ios devices. These days almost all phones have a fingerprint lock system which is much secure in comparison to pin/password or pattern. Blackberry and Windows Phone users should use password or PIN code-protected screen locks.
Whatever type of screen lock you are using you will have the option to make your device auto-lock after a certain period of inactivity. This will ensure that your phone cannot be accessed by someone else even if you have forgotten to lock it and have left it unattended. Similarly, it is also advisable to have a PIN requested at a start-up.
-
Create backups everywhere
There are a plethora of phone backup applications for all operating systems. You can use apps like Titanium Backup for Android that will create a backup of all your data, contacts, settings, and customizations that you can store on your phone or transfer to your PC. Similarly, iDrive is a cross-platform app with which you can create backups for ios, Blackberry, or Android phones.
You can even manually create a backup of your data by directly transferring files to your PC to ensure that you do not lose your data in case of your phone getting lost, being stolen, or getting wiped due to viruses. Some applications allow you to create backups and store them on a cloud server, which you can access from another device or your PC to retrieve your data.
-
Get a Remote App
Developers have created these applications to put you at ease even if you have lost or misplaced your smartphone. There are several remote locators, lock, and wipe apps that you can use to locate, deactivate or format your phone to protect your confidential data. These apps use the GPS and Wi-Fi connectivity of your smartphone to locate your phone in case it has been stolen. Sending a customized SMS to your phone will activate the application, which discreetly turns on the GPS or Wi-Fi and responds with its location. Some apps even enable you to remotely lock your phone and wipe clean all the data stored on it. Apps such as SeekDroid, Prey, Where’s My Droid and Wave Secure are useful for Android users. Blackberry and Apple offer these services through their app stores as well, and Windows Phones come with a default find my phone feature.
-
Upgrade your Operating System
All smartphone manufacturers and os developers offer updates for their operating systems. These updates often boast new features or packaged applications, but they also frequently contain software patches and fixes for loopholes and other security-related issues. It is advisable to have your phone set to check and update its software automatically at regular intervals. Along with this, it is also advisable to frequently check for updates for any installed applications.
-
Install Antivirus Software
With a large amount of Internet usage on smartphones, your device could come under threat from a viral infection, Malware and viruses are constantly being modified to find holes in the latest software and operating systems and spread rapidly across networks and devices through various forms of communication. The best and safest way to fight a virus is to have strong antivirus software, and although there are free antivirus apps available, it is advisable to get the entire range of services and invest in a premium version. A decent security app will provide you with a range of services, including antivirus and malware protection, firewall protection, anti-spam and anti-theft, data encryption, and privacy protection. Some of these services have their remote lock and wipe features as well as number blocking and scheduled scans,
There are many apps to choose from when it comes to security, and most of them are compatible with multiple operating systems such as BullGuard Mobile Security, Kaspersky Mobile Security, McAfee Mobile Security, etc. These applications are compatible with Android, Windows Phone, and Blackberry operating systems, and some of them are also expected to launch iOS versions soon.
-
Watch your Wi-Fi Hotspots
Public access wireless networks are often riddled with malicious content as any user would be happy to find Internet access on the go. These areas are frequently targeted by hackers too, who can track, access, and steal your phone’s data and even remotely execute functions on your phone. Open wireless networks also give attackers the opportunity for cross-service attacks. It is advisable to keep your Wi-Fi feature disabled when you are not using it and, whenever possible, use a VPN at your workplace or home.
-
Turn OFF Bluetooth
Your mobile device is vulnerable to attack and even external control via Bluetooth connectivity. Mobiles are most vulnerable during the pairing red techniques by having connected to re-enter a security PIN which is revealed to the attacker. The hacker can then use this PIN to make calls from the targeted phone, steal data and even send malicious data to the Bluetooth-enabled phones. Some professional hackers have even revealed methods by which they can gain complete control of a mobile device that has been left idle with the Bluetooth in discoverable mode.
-
Avoid Cracking your Phone
While software cracks such as ‘jailbreaking’ or ‘rooting’ are required to install third-party apps and get more features on your smartphone, it is advisable to avoid ‘cracking’ your device. The software that comes bundled with your mobile comes with certain security and privacy measures place and jailbreaking or rooting your phone can often bypass these security measures.
Android phones also have a setting to prevent unauthorized apps from being installed, and while many useful apps are not available on the market, it takes only one malicious third-party app to compromise your phone’s security.
-
Don’t Trust all APPs
No matter which smartphone you are using, it is likely that there will be a handful of apps for a specific feature or function. There are various notepad apps, camera apps, and so on, and you might want to try each one to find the best. It is advisable to stick to the tried and tested apps, however, as once you’ve installed an app on your phone, you don’t know what it could end up doing. This is of special concern for Android users and developers who have found various forums to upload their applications without being verified by the Android market. Any one of the thousands of third-party apps available on these forums could compromise your phone’s security.
A developer has, in the past, demonstrated to Google how easy it is to create a malicious app disguised as a new version of a popular app, upload it to the Android market and get users to install it on their phones. He created an app that sent text messages in the background using the cover of the popular Angry Birds game. There have also been reports of apps leaking credit card information and other personal data.