8 Steps to Locking Cyberthieves Out of Your Smartphone
Now that you’re relying on your smartphone more than ever before – personally and professionally – are you doing enough to protect it and its contents?
A fitted smartphone case and screen shield may reduce the odds of damaged hardware if dropped or scratched, but more importantly, you’re carrying around private information that can fall into the wrong hands if your device is lost or stolen.
An even greater likelihood is having your data exposed while the smartphone is still in your possession. From malware (“malicious software”) disguised as legitimate apps to phishing scams entering your inbox to digital eavesdropping on public Wi-Fi hotspots, your device is more at risk than ever before.
The good news is you don’t need a degree in computer science to better safeguard your smartphone. The following are some simple tips to keeping the cybercriminals out, regardless of the smartphone you use.
A few simple (yet often overlooked) suggestions:
Back-up, back-up, back-up: Above all else, it’s incredibly important to back-up your phone’s important files – like irreplaceable photos, videos, contacts, text conversations, and so on – before you lose your device or have a cybercrook remotely lock you out of it and try and extort money from you to let you in (“ransomware”). Whether you use the cloud, connect it to a PC to back-up files on a regular basis (through iTunes for iPhone users), or rely on a back-up drive (like SanDisk’s iXpand Base), do something to protect your precious files before it’s too late.
Use a passcode: All smartphones let you lock it with a PIN code, password, pattern, or biometrics login (using a part of your body) to confirm it’s really you. So long as you lock your device in some fashion, no one else can access your information should your device be lost or stolen. A thumbprint or face/iris scan is most convenient, if your device offers it. Also make sure you don’t set up your apps to automatically log you in when a password is an option, as someone may guess your phone’s pattern or PIN, and now they’ve got the keys to the kingdom.
Be app-savvy: Only download apps from trusted, reputable sources. Always stick with official stores like App Store or Google Play, read comments from previous users before you download to confirm it’s a legit application. Never be the first to download something new. Read the app permissions instead of blindly accepting the terms and conditions, because there’s no reason a game needs access to your camera, microphone, and contacts.
Don’t be gullible: Immediately delete suspicious text messages or emails from people you don’t know. Don’t click on any embedded web links or attachments, nor should you write or call back any unknown phone numbers (it only confirms your number is valid). Scammers and spammers are increasingly targeting smartphone users, including phone calls posing as someone they’re not. Immediately block numbers from these malicious types, report it if you can (often a feature built into the phone), and perhaps choose to ban private numbers from getting through.
Bump up your protection
A few more recommendations to keep the bad guys at bay:
Install antivirus: Especially for Android users, it’s recommended to protect your mobile data with security software, such as the comprehensive Norton Mobile Security ($14.99/year). Not only do these apps protect your device from viruses and other malware, but premium services also lock down your privacy settings and scan apps and files for threats, but some solutions can snap a photo of someone attempting to log into your stolen phone, via the front-facing camera, and send the image to you!
Set up remote wipe: Should your phone become lost or stolen, you can remotely lock it (if no passcode is on it already), display a message (“Please call me for a reward”), wipe the data clean, or track it on an online map -- but you need to set this up ahead of time. Free services include Find My iPhone (iOS) and Android Device Manager (Android), but there are other third-party tools with even more features. But always work with authorities to retrieve a stolen phone rather than attempting it on your own.
Two-factor authentication: Along with having a good password or passphrase for all your online activity (and not using the same password for everything), opt for two-factor authentication (also referred to as “two-step verification”), which means you'll not only need your password to access your online account but also a one-time code sent to your mobile phone, to confirm it's really you. In other words, two-factor authentication is built on the premise of having something you know (password) and something you have (phone).
Browse safely: Use a virtual private network (VPN) when spending time on the web, as it masks your online identity, making you safer. A browser’s “Private” or “Incognito” mode isn’t the same thing -- it only wipes your history and cookies clean when you close the browsing session, but what you’re doing while online can still be seen by your service provider, the government, advertisers, and malicious types. Using a VPN is especially important when using a free Wi-Fi hotspot, as it puts your data at greater risk (better yet, don’t use public hotspots at all and use your cellular connection).