As our smartphones have become more ingrained in our lives, they’ve become rich repositories of personal information.
That’s exactly why smartphone hacks are on the rise, says Paige L. Schaffer, president and COO of Global Identity and Digital Protection Services for Generali Global Assistance. In fact, hackers are busy experimenting with new ways to access smartphone data, she says, while users may not even be aware that their devices are at risk. If crooks do get through,
identity theft protection can help you restore your identity. Fortunately, a few easy steps could help prevent a breach from happening in the first place. Here’s what Schaffer recommends:
The Risk: Bluetooth
One of the newest ways that hackers are gaining access to phones is through the Bluetooth connection. Here are the terms to know:
“Bluejacking” is when a hacker searches for discoverable devices in the area and then sends spam texts to the device.“Bluesnarfing” is worse—hackers access and steal personal information from your device via a vulnerability in a Bluetooth connection.“Bluebugging” is when a hacker takes total control of your phone.
The Solution:
Disable your Bluetooth connection anytime you aren’t using it. On some devices, you’ll have to turn off the Bluetooth function; other phones have a setting for “non-discoverable mode.”
The Risk: Phishing
“Research shows that mobile users are three times more likely to fall victim to email phishing attempts compared to desktop users,” says Schaffer. One reason is the phone’s smaller address bar, which makes it harder to see (and therefore verify) the web address before entering sensitive information. Also, busy smartphone users may be less likely to apply the same scrutiny to emails that they do on a desktop or laptop.
The Solutions:
Be wary of emails or text messages from someone you don’t know.Don’t click any links if the email asks for personal information, has spelling errors or oddly worded sentences, or greets you generically (as “Dear Customer,” for example).Type in URLs from scratch, rather than clicking on links—especially if you’ll be entering personal information.If you accidently click a suspicious link, terminate your session and disconnect your device from the internet by disabling Wi-Fi and enabling airplane mode. Then run a virus scan if your phone’s operating system features one (if it doesn’t, installing software updates when they become available should help keep viruses at bay). Report phishing emails to your email provider or forward to the Federal Trade Commission at spam@uce.gov.
The Risk: Malware Apps
Malware apps can gain access to a user’s personal information, capture login and password information, see location data, download additional nefarious apps or spread malware by making the phone part of a botnet (an infected network run without the user’s knowledge).
The Solution:
Avoid third-party app stores. Only download programs from the official app store for your type of smartphone. While some malware apps have been known to make it through their review process, your odds are greatly reduced.
The Risk: Public Wi-Fi
Many public Wi-Fi connections are unsecured and unencrypted, so any information you enter while connected could be intercepted. This gives a hacker access to your browsing activity and account logins, making passwords and other data vulnerable to theft.
The Solution:
If you must hop on public Wi-Fi, use a virtual private network (VPN), which lets you exchange data securely and anonymously. Download a VPN app through an official app store and connect to the VPN service before logging in to public Wi-Fi. No VPN? Don’t log in to password-protected websites that contain sensitive information while using public Wi-Fi—for example, banking and social networking sites, or even email.
The Risk: Voicemail PIN
Most voicemail accounts are protected with a four-digit passcode, which hackers can typically crack without a lot of effort. Once inside your voicemail, a hacker could access an online account or app and ask for a password reset via a phone call. If you miss the call and the automated service leaves a voicemail with the reset code, a hacker could access that account.
The Solution:
Set a longer PIN (if possible) that’s not easily guessable (don’t use your birthdate or the last four digits of your phone number, for example) and change it frequently.
0 Comments