In this News Insight, WIRED Magazine offers some quick tips to step up your mobile security and reduce your risk of attack. For a more detailed look, download our guide to better securing personal and work data on your mobile phone. — Samsung Insights editorial team
As we increasingly store sensitive personal and business data on our mobile phones, the opportunity to exploit their privacy weaknesses becomes enormously tempting to unscrupulous characters. Armed with nothing more than your phone number, a hacker can know where you are, who you meet, and where you work. They can listen to your conversations, read your texts, record video, even forward your calls or drain your bank account.
Everyone from Hollywood actresses to German chancellors have had their mobile phone hacked. Are you next?
Trust No One: It’s Up to You
For hackers, a digital device is a digital device—whether it’s a laptop, tablet, or mobile phone. In today’s mobile world, phone hacking is a critical security issue.
There are essentially two types of phone hacking: tapping into a live conversation or voicemail, and hacking into data stored on the device. Unless you’re a celebrity, you’re more likely to be hit with the latter—hackers can then gain access to financial information, withdraw money from debit accounts, make clone credit cards, and buy items on less secure online sites. Going further, they may also attempt to access your corporate information on the phone.
In many cases, the onus for maintaining security is on the phone’s owner, and their data system may not have even been compromised. Instead, many users recycle usernames and passwords from other services. A coffee house app, for instance, may not have used two-factor authentication—say, requiring a confirmation code sent by SMS—so a hacker who finds a working username and password combo can pretend to be the user on another phone. This is known as an account takeover.
In addition, if a thief manages to get your phone number (not too tough, considering how many reverse-lookup sites are out there) and pair it with a matching credit card, that can lead to mobile payment fraud. And that’s just the beginning.
Here’s how to stay ahead of the game:
- Update your OS. Many people run outdated operating system software on their mobile devices, unaware that it leaves them vulnerable to attack. If there’s a new threat, hopefully the engineers creating your phone’s OS have addressed it. It’s important to check regularly and accept these updates immediately.
- Update your apps. Similar to the OS, apps can have bugs as well as security risks, so you want to be running the latest version. Also, consider turning on automatic updates.
- Avoid the temptation of free Wi-Fi. Free public Wi-Fi spots are everywhere. They’re great for getting work done and staying connected—but can be a major security risk. Any time you connect to an unsecured public Wi-Fi network, you are opening up your mobile’s info to anyone else on that wireless network. A common attack involves a hacker setting up a public Internet hotspot near the site of the public Wi-Fi, with a similar name to the one public network, which could be run by a local business. They then use this second network as a backdoor to your data. If you absolutely must use public Wi-Fi, make sure the URL field has HTTPS and not HTTP. It means all communications between your browser and website are encrypted. And try to work as quickly as possible to minimize exposure to risk.
- If a link looks weird, it probably is. Some attacks pose as popular email clients to gain access to your account. The pages usually look pretty close to the real thing, so it pays to keep your wits about you. If you don’t trust the look of the email/message, then just don’t open it.
- Be careful what you download. Some apps are designed for malicious use—from sending spam from your device to stealing sensitive corporate data. It is best to avoid downloading apps from untrusted sources. Samsung’s Galaxy range of mobile phones includes the Knox security feature, which is able to detect whether security software on the device has been tampered with.
- Limit what your apps can access. Many apps will ask you to access things like the camera, microphone, and contacts. You don’t need many of them, and it may also be a backdoor for a hacker to access your private information.
- Use a virtual private network (VPN): If you do need public Wi-Fi, start using a VPN to protect your privacy and data. When you’re connected, all your Internet traffic is sent from your computer through an encrypted tunnel to the provider’s endpoint, which reroutes your traffic through dedicated, encrypted servers. You can purchase a VPN service (about $5 to $20 a month) or try some of the free ones. Your traffic is secure. One warning: Using a VPN can slow big downloads or streaming, like videos and online gaming. When checking your bank balance, the trade-off in speed for security is a good bargain.
This content is produced by WIRED Brand Lab in collaboration with Samsung.
Ready to learn more? Download our free guide to mobile data security.