iPhones, iPads, and Android mobile devices have become for most, their primary computer. Gone are the days of using your phone for calling and texting. In today's world, we now use our phones for taking pictures, accessing social media, responding to email, and mobile banking. Our entire lives are contained on our phones. Keeping your mobile device both physically secure and digitally secure will help prevent your personal information from getting into the wrong hands.
Physical Security
Entering a passcode every time you want to access your phone may seem like a nuisance, and you may think "I am the only one who uses my phone, why should it matter?". The reality is that your mobile device contains a lot of important information which thieves are seeking. An unlocked mobile device may give access to private conversations, emails, and personal information contained in social media sites such as Facebook. To put this into perspective, try going through your pictures, emails, and text messages. You might be surprised to find information such as a picture of your drivers license, social insurance number, or credit card numbers. This information could be used to steal your identity, make purchases with your credit card, or used to extort you into providing a ransom.
Protecting your information before your device has been lost or stolen
1. Protect your device with a passcode or password
Be sure to set up your device to use a password or passcode. It is recommended to avoid using a 4-digit passcode and preferred to use a 6-digit passcode. For increased security, you may use an alpha-numeric password in order to unlock your device. Be sure that a passcode or password is required every time you wake your device. Avoid using personal information such as birthdays as a passcode and never use a passcode that may be easily guessed, such as 123456, 000000, or 123123
2. Use biometric authentication for unlocking your device
Using biometric authentication such as a fingerprint or facial scan greatly improves the physical security of your device. While in a public setting, unlocking your device using your fingerprint or face will prevent someone from looking over your shoulder and watching you enter your passcode.
3. Enable erase data option to delete data after unsuccessful passcode attempts
To protect your device from being cracked using brute force methods, it is recommended to enable the erase data option. After 10 unsuccessful passcode attempts, your device will automatically erase all information contained on the device. This limits the number of attempts the thieves have in trying to guess the passcode of your device.
Digital Security
Mobile devices, being the source of so much information, are just as likely to be targeted by hackers as computers. However, because most mobile devices have measures in place to ensure only trusted software can be installed, through locked down app ecosystems, mobile devices are not usually targeted by malware or spyware. Hackers employ different, more creative methods in order to gain the information they are seeking.
1. SMISHING
SMISHING is a form of phishing, where the primary method of delivery is through an SMS message (text message). SMS Phishing or SMISHING is the act of attempting to obtain personal information such as user names and passwords by pretending to be a trusted source. A common example would be receiving a text message stating that you received an Interac e-transfer and to click the link to sign in and deposit the funds. Never click on a link received via text message from unknown sources. If you are unsure of the validity of the message you received, you can always contact the company directly to verify. As well, take a close look at the URL they are linking you with, as it will likely not contain the proper website of the company.
2. SNIFFING
Another method used to obtain information from mobile devices is called Sniffing. Sniffing allows hackers to capture unencrypted information as it is transmitted over a network. Information they are looking for is primarily user names and passwords for websites. To avoid being a victim of Sniffing, there are a few things you can do. Never enter user names and passwords on open wireless networks. Wireless networks that do not require a password to connect with do not encrypt your data. Such wireless networks are common in coffee shops and airports. Another method to help protect your information from Sniffing is by using a VPN or Virtual Private Network. A VPN will "tunnel" through the network, creating a private connecting from your device to the site you are accessing.
3. Keep up to date
Hackers use known security vulnerabilities to gain access to mobile devices. The software developers are constantly patching these exploits to help protect your devices. If you ensure that you keep up to date with your software updates, you are taking a step further in preventing your device from being hacked. This goes for both your Operating System updates and App specific updates.