A guide to smartphone security
Criminals and hackers are finding more and more complex methods to obtain your personal information, from using Spyware to steal your keystrokes, to using weaknesses in unsecured public WiFi networks to gain access to your smartphone.
This means they could blackmail you or steal your money direct from your bank account.
But in order to truly understand the security measures you can take, which we will cover later in this article, first you must understand the nature of the threats to your mobile security.
In this article we will be giving you:
- Helpful hints and tips on how to keep your mobile phone safe and secure
- What the hackers can do
- What it is they’re after
You’ll soon see why it’s so important to keep your smartphone privacy as secure as possible.
There are well publicised strategies that the hackers can use to obtain your personal information from your mobile phone.
What do the statistics tell us?
It’s scary when you see the hacking threat in the cold light of statistics. Here’s some to really make you think (Figures based on U.S.A.):
- A Hack Attack every 39 Seconds
- 300,000 new Malware created every day
- Your Hacked Bank Account details could be purchased for as little as $3 on the Dark Web
What types of personal data are stolen?
All this will lead on to asking, if the hackers are going to such lengths to gain access to people’s smartphones, what data and information are they trying to get their hands on and what can they use it for?
Smartphone security and privacy protocols are there to protect a wide range of information. This includes, but is not limited to, a user’s:
- Location / Address
- All Passwords including access to Bank Accounts
- Photos / Videos
- Text Messages
- Social Media Account Logins
So, why would they want this information from your smartphone? There is no one definitive answer to this question.
There are variables in each and every case and it also depends on the hacker.
Methods used to steal personal data:
- Riskware – This is where an App leaks personal data and information to their advertisers or organised criminal gangs as a result of the wide-ranging permissions given by user.
- Malware – This is a term used to describe a type of malicious software that will include tools used by hackers such as viruses and spyware. These will then affect your smartphone in a way that will help the hackers harvest your personal information or even trigger charges.
- Madware – A shortened term Mobile Adware, it is a new word developed to describe programs that obtain a range of data that help to target you with more personalised online adverts, however they are often downloaded and installed without the users permission.
- Spyware – Spyware is a type of software that, when activated, can obtain users information and data which can include keyloggers which allows the hackers to steal usernames and passwords.
- Phishing – These particular Apps work in a similar way as the old phishing emails that used to circulate by harvesting the information you put into an app believing it is genuine when it is in fact not.
- Grayware – Grayware is normally not seen as particularly malicious, however it can highlight a user’s privacy issues.
- Browser Exploits – These are when known mobile browsers security weaknesses are abused.
- Spoofing – These networks are set up in public places and are designed to look like genuine wi-fi networks but can be used by hackers to steal information and data by encouraging the users to reveal their login information.
- Unsecured Wi-Fi – These are a well-known weakness when using a mobile phone. Any public network that has been compromised by a hacker can provide them with access to a user’s personal data which is stored on their smartphone.
- Lost / Stolen Smartphone – It can be possible for a criminal to gain access to a lost or stolen smartphone to be able to then steal and use the personal information held on it.
As can be seen from the above list of potential smartphone security threats, there is a great deal to consider when trying to mitigate the risks they pose.
Personal smartphone security and privacy hack
Some hackers simply want to cause trouble. They look to gain access to smartphones in order to either damage them beyond repair or damage them to the point that only a complete reinstall will cure the problem. Either way the smartphone security breach was attacked simply because they can and for fun.
Others seek to collect intimate details about the user’s life in order to gain money from them by blackmailing them and threatening to expose to friends, family or their employers.
In an alternative approach to blackmail, the hackers are able to obtain sufficient information to be able to contact the user’s phone company.
They then have the number ported over to a new phone rendering the old phone useless. It will be at this point that the blackmail would come in to have the phone control returned.
In addition, with the rising use of E-Wallets on smartphones, hackers are simply after the money. The common approach they use is to convince a user to download an App, which they believe to be genuine, then enter their card and payment details.
At this point, the information can be collected and the hacker can use the information to charge the user’s bank cards.
Business and political smartphone security
Business smartphone security is definitely not exempt from a hacker’s sights. Along with the reasons mentioned above. Businesses are sometimes targeted to eavesdrop on Company Executives to obtain trade and product secrets or as part of a wider Corporate Espionage campaign.
It has been long thought that the threat to business organisations doesn’t always come from rogue hackers looking to make some money.
Large businesses can sometimes become the target of a state backed hack looking for trade or manufacturing secrets that will help them undermine their market.
In addition, the state backed cyberattacks can be levelled directly at a nation’s political system, so undermining the validity of a national or regional vote and therefore destabilising the democratic system.
Ways to protect your smartphone from being hacked
So, what steps can you take to improve your smartphone security and privacy?
Now we’re going to take a look at some hints and tips to help you make the changes you need.
No matter which smartphone you use, you need to ensure that you keep the OS up to date with all the very latest versions. It is worth considering which manufacturers provide the longest support packages and their track record on being able to release a new update when a new threat has been discovered.
For example, Apple generally provide updates for their iPhones for about 5 years whereas the Google Pixel is guaranteed for 3 years and the high-end secure Blackphone PRIVY’s OS isconstantly being improved, with a new version aimed to be released every 2 months. As the device is based on a subscription-based OS, updates will continue through next generation models.
The updates will patch any flaws that have been exploited by hackers and will fix any other bugs that have been found. This will help form part of your defence against a cyberattack.
Two factor authentication
Although this additional security measure may seem a bit of a hassle, it is well worth adding into your security procedures.
By generating a time limited code that is sent to you via text, it makes sure your identity is double checked before allowing access to your smartphone. It really does make it much more difficult for hackers to gain access to your smartphone.
Public WiFi, Bluetooth and charge points
Quite simply, do not use an unprotected public WiFi or charge point if at all possible and turn off your Bluetooth and WiFi when they are not in use.
All of these actions provide the hacker with a route in to your phone. Whilst these public connections seem to make life much easier, it is best to avoid their use if at all possible. It’s one less thing the hacker can exploit.
Encrypt your password storage
High level encryption is important throughout the whole of the security and privacy of your smartphone.
Ensuring that your passwords remain tightly secured forms a part of that. Before you purchase any new device, it will be worth checking how it has been developed with regards to encrypting your personal data and how that data is stored.
A classic mistake that has been made by many is assuming that any data or information stored on their iCloud accounts are safe. This is certainly not always the case.
For example, the Blackphone PRIVY has end to end encryption for all communications and any data files are held in encrypted storage.
If the worst happens and your phone is either lost or stolen, not only is the Blackphone PRIVY unhackable, it also has a device wipe facility meaning that your sensitive data will not fall into the wrong hands.
Use of Virtual Private Networks (VPN)
Using a VPN will provide the use with a secured private network over the internet. It provides the ability to send and receive data securely using a public network but without unauthorised people being able to gain access or see the communication.
The VPN means that the user is given a temporary IP address, hiding the real IP address and thus keeps everything anonymous. Essentially it delivers an additional level of protection for your mobile communication.
There are a number of VPN providers out there with varying degrees of security and reliability. However, the Blackphone PRIVY uses military level encryption and a totally secure network that will mean every aspect of your smartphone security and privacy remains safe.
Always lock your screen
It may seem like an obvious statement, but it really is an important element for the overall security of your smartphone.
Most have a setting that means it will automatically lock after a designated period of time where the phone has not been used. It is important that this setting is not too long, in case the phone is lost or stolen while unlocked.
Check what permissions you’ve given
Many people are in the habit of downloading Apps and simply granting the permissions requested by that App without actually checking what it is they are signing up to.
It is important for the security and privacy of your personal data to check what permissions you have given to each App and change them (or delete the App completely) if those permissions mean the transfer of any personal data.
Be sure the Apps are genuine
There are many Apps available that seem to be a version of the most popular Apps but are in fact unofficial versions that may be hiding more sinister motives.
If you are certain you want to download third party Apps on to your smartphone, double check they are the genuine version first and not a rip off version that could compromise your smartphone security.
The Blackphone PRIVY only uses Apps that have been screened for safety and are all placed in separate sand boxes on the phone to separate them from all sensitive information, be that personal or business.
If you take 3 things away from this, here are the absolute must dos:
- Always use Two Factor Authentication
- Always use encrypted hardware and software
- NEVER download Apps from unknown developers
How the Blackphone PRIVY can help
As can be seen here, there are a significant number of risks and threats to your mobile security and privacy. Some are more sophisticated than others, with some posing a genuine threat to your finances and more.
However, if the right safety precautions are taken and by using the most secure smartphone available whilst adopting a certain level of common sense, your personal data along with your mobile security and privacy can remain secure.
We hope you find this a useful article, but if you would like to have a chat about your specific mobile security needs, naturally we are on hand and would welcome your call.