Having a smartphone nowadays admittedly makes our lives easier as compared to centuries ago. We are now in an era wherein almost all of our online activities and transactions are smartphone-dependent. That is technology in motion and action, it keeps evolving. But so are malware, viruses, ransomware, and many likes – they also never sleep. Are you prepared? Is your smartphone – iPhone or Android – ready to face and fight against these malicious codes?
That is what we want to cover in this article. We want to share with you a couple of smartphone cyber security tips to help you avoid losing personal data and theft.
What's In Here
Figures Showing That Malware Do Not Sleep
To give you awareness that even if you have the latest model of smartphone, your device is still vulnerable. According to Kaspersky, just in 2021, they have detected the following figures from mobile products and technologies:
- 3,464,756 malicious installation packages
- 97,661 new mobile banking Trojans
- 17,372 new mobile ransomware Trojans
Despite the decreasing mobile attacks, one cannot disregard that these cybercriminals and malicious codes are becoming more complex. And on some cases, malicious codes are injected into apps. And there are that can mimic legitimate apps which contain a small encrypted payload. After you install them, that malicious code is decrypted and launches the payload. With that having said, your smartphone is now exposed to cyber criminals and theft.
Practice These Smartphone Cyber Security Tips
Before it is too late and to avoid the dilemma, here are some recommendable smartphone cyber security tips that you should start doing – before it is too late.
1. Keep your smartphone software and the system updated.
When you purchase a new smartphone, the stack software and system are not up-to-date. It is expected. These out-of-the-box smartphones were originally designed to function expectedly with that pre-installed software and operating system version. That is why as soon as you unbox and configure your new smartphone, you should update the system and all the software installed. Some of these updates contain security patches to fix previously found vulnerabilities.
Keeping your smartphone’s system and software updated is not applicable only to new smartphones, even to existing ones. You should configure your device to automatically download and install updates if you are too busy to do it manually.
2. Only download apps from official sources – but with precaution.
Yes, we would like to emphasize the phrase “with precaution“!
First, make it a rule of thumb not to download apps or updates from 3rd-party sources or websites. Always make sure that the apps you download are all only from the official app store. You should only get them from Google Play for most Android devices or Apple App Store for iPhones or iPads.
In some cases, you may have to check the official website of your smartphone to know their official app store. As an example, for new Huawei devices, you can download them from their HUAWEI AppGallery.
Now, as we were saying, when downloading the apps, do it with precaution. Sneaky and complex-designed malware can still lurk and get passed through even big tech giants such as Google and Apple. That is why these companies are putting much continuous effort to keep threats off the platform.
Checklist before downloading unfamiliar or new apps
So, if you are downloading apps, especially newly launched apps, be smart! There are a few things you can do to check the app.
- Check the developer if the app came from a reputable company, especially for your finance-related apps.
- Check the last update of the software. Make sure that the app you are downloading is updated recently. Obsolete apps are vulnerable to new malware designs. Most developers keep their applications up-to-date to patch bugs and vulnerabilities.
- Try to read the app reviews.
- Check if the app is still compatible with your device.
- DO NOT ENABLE your phone to download and install from unknown sources – unless necessary. Android is an example. There is an option on Android devices running Android 4.0 and up where you can configure your device to enable users to download and install apps outside Google Play. We are not encouraging you to do this. There is a big reason why it is there in the first place. But if you really need to do so, like the app was custom-made or in beta version, take extra precaution.
3. Educate your employees or yourself about cyber securities.
If you are a business owner or head of the I.T. department, do not expect all of your staff are knowledgeable when it comes to cyber securities. Not because they know how to use their computer, or smartphones for their work, they are already tech-savvy. And even tech-savvy can sometimes fall into these sneaky malware attacks.
So, be responsible and plan to conduct training for your employees. Especially if your company is into remote work system setup. Teach your staff work-from-home cybersecurity tips to avoid data loss.
4. Be smart in front of your email, it might be a phishing scam.
Surely, you have already encountered emails with to-good-to-be-true subjects such as “You’ve won 1 million dollars, claim it now!“. Or worrying emails saying that your bank accounts have been accessed and compromised. Most of these emails contain links that will redirect you to mimic legit-like websites with an intent to steal your personal information – such as username and password.
One of our recommended smartphone cyber security tips is for you not to indulge in these phishing scams. Do not even entertain the content of the email, especially do not open the links within the email. If possible, like if you are using Outlook or Gmail, automatically junk the email. Do not just delete them because if you set them as junk email, you might still receive them in the future.
5. Ignore phishing or scam from SMS texts and instant messaging.
Like emails, you can be targeted by cybercriminals through SMS text and instant messaging. The culprit will send you a convincing message and will make you open the link(s) within. If the SMS text or message looks fishy or suspicious, block the mobile number and delete the message.
6. Enable one-time pin (OTP) and 2-factor authentication 2FA.
Do not be complacent about having a strong password. You should add another layer of protection for your accounts – especially for your bank and other personal accounts. If the options one-time pin (OTP) and 2-factor authentication (2FA) features are available for you, enable them for your accounts. Your account will be less vulnerable if you have these features activated.
I remember a friend who just woke up and saw a very concerning SMS message. She received a convincing legit-like SMS saying that her mobile wallet account was compromised. The SMS also contains a link where it is asking her to change her password and pin. Without thinking it through, she clicked the link and was redirected to a website that is almost the same as the official one. After changing her account details, not a few minutes after, she lost her money. She was robbed.
7. Do not give out your information to fraud callers.
Last year, 2021, the Federal Trade Commission (FTC) in the US reported that there was an increase of more than 70% of consumers losing to fraud.
Setting aside Robocalls, in the midst of the pandemic, voice phishing (also known as vishing) calls increased. These are callers intending to gather information from their target and sometimes ask for money. It is not quick to identify fraud callers from legitimate ones so you have to be attentive within the conversation. The moment that the caller asks for vital information, like your bank account details, pin codes, etc. then you have to stop the conversation and end the call.
8. Always lock your device.
Do not leave your device lying around unprotected. Be responsible and always keep your device locked if you are not using it. Someone might try to access your mobile device while you are not around or looking.
You should enable your mobile lock protection using either the pin code combination, pattern, or biometrics (finger scanner or face recognition).
9. Do a regular backup of your phone.
Like any system or device, such as your computer, make it a habit to regularly back up your phone. Identify first the important data or information from your phone such as messages, contacts, email, photos, etc. Then you can either backup them manually into an external device such as an external SD card or computer. Or you can back up your data into the cloud – like Google Drive for Android or iCloud for Apple products.
You cannot predict when you will need them. Having a backup can save your life in case you lost your smartphone, someone stole it, someone hacked your phone, or your smartphone has been compromised and you can no longer access it. You can quickly restore your data.
10. Do not connect to an unsecured Wifi connection.
Even if you try to search on the internet for ways to secure your devices or smartphone cyber security tips, commonly, you will see advice not to connect to an unsecured Wifi connection.
Most commonly, you will find these unsecured Wifi connections in public places such as malls, coffee shops, and many more. And usually, once you are within the premises, your device will be automatically connected without being asked for passwords. There are some establishments that provide free Wifi connection with passwords. However, the protocol they are using is weak and can be penetrated by hackers.
Cybercriminals usually use these unsecured connections to inject and launch malicious codes that can penetrate your system or devices. If you are to connect to a public Wifi connection, check first the encryption protocol it is using. It should be at least WPA or WPA2 which has a more complex and secure encryption protocol. Or you can opt to use a virtual private network (VPN) which can hide your Internet activities.
11. Regularly change and use strong passwords.
Make it a habit to often change all of your accounts’ passwords – it should be a MUST! There are no optimal metrics saying how often you should change your password. But if you have to change your password, it should be a strong and unique password.
The conventional advice is to change your password every 3 months. As we’ve mentioned, there’s no exact science to say when to change your password. But it is recommended that you set a schedule for changing your password. This is to make sure that cybercriminals can’t remain using your hacked accounts for a long time. If you feel that your account has been compromised, immediately change your password.
We understand that it can be tedious to manage accounts and passwords, especially if you have more than one. It is tedious to manage passwords – we are with you on this. But it is necessary to keep your accounts secure. If you find it hard to manage your accounts and passwords, we recommend that you use a secured password manager.
12. Avoid clickbait suspicious links.
One of the smartphone cyber security tips we can advise you, which is common, is to AVOID clickbait suspicious links. This can be seen normally while you scroll down on your Facebook, Instagram, etc. feeds. A post with a tempting image and to-good-to-be true title that will try to persuade you psychologically to click the link. And once you click it, the malicious code is launched and will start hacking your account. This is not different for SMS text messages or even for messaging platforms.
Be wise before you click.
13. Install a mobile antivirus.
There was an old myth that mobile users believe that smartphone users can’t be infected by a software virus. If you are one of those believers, then you are probably neither right nor wrong.
There hasn’t been a virus, a damaging computer program, found in iOS, or Android, that can multiply itself once it runs. That is how traditional viruses are distinguished.
However, even if a virus hasn’t been discovered so far in iPhones or Android devices, it can still be infected by other malware threats. Viruses are just one of the types of malware or malicious programs that can infect our devices. That is why you have to install an antivirus on your smartphone to keep your smartphone secure.
14. If you are letting your kids use your phone, enable Parental controls.
Kids are known and susceptible to click and download almost anything that pokes their interest – without second thoughts. It can’t be helped, they are still not aware of the danger of these things.
So, whether you share your smartphone with your kids or they have their own, it is advisable that you have control over what apps they download or links they click.
If you allow your kids to have their own smartphones, for Android, you can use Google Family Link. For iOS devices, you can configure your device to set the parental controls. With these, you can limit your kids from downloading any apps that may contain potential malware.
15. Invest in Mobile Device Management (MDM) solutions.
Investing in mobile device management solutions (MDM) is probably the most suitable for companies that allow their employees to use their own devices. IT administrators can impose policies to be pushed to the devices such as smartphones connected to the network.
In a bring-your-own-devices (BYOD) environment, MDM can provide the following features:
- Inventory and tracking of devices
- App distribution and/or an enterprise app store
- IT administrators can help you remote wipe your phone in case it gets lost
- Enforce users to change their password
- Blacklisting and whitelisting apps that are allowed within the office premise
- Enforce data encryption
With MDM solutions, both the employer and employees will experience a secure environment.
Our Final Words
Smartphones, like any technology, can do wonders that enable us to do many things and enjoy ourselves at the same time. It helps us to accomplish things systematically with the help of different useful apps.
However, although having a smartphone is convenient most of the time, it comes with great responsibility. We should be responsible enough and vigilant while using our smartphones. And taking extra precautions is not a bad thing unless you don’t care about your data.
There you have it, our list of smartphone cyber security tips that you can follow – or not. It is entirely up to you if you want to follow them or not. But if you want to protect your data – especially your personal information or bank accounts, then doing those from the list won’t do you any harm.
What about you? What other precautionary steps do you do to protect your data from malicious attacks or threats?