Phone cyber security: An introduction

Follow:

Our phones are a key source for, well, pretty much everything. We’re more connected to our smartphones now than ever before because they can help us out in almost any situation. Whether it’s catching a ride, connecting with your friends and family, ordering groceries or just looking at memes, your phone is there for you through it all. Your phone also contains lots of personal information, such as your photos and text message history.  

Unfortunately, our reliance on our phones, combined with the personal information stored on them, makes them prime targets for cyber criminals. That’s why it’s important to learn how to keep them safe.

Here’s what you need to know about phone cyber security.

Common threats against your mobile devicea person looks at his phone, and a phone with a heart-eyes emoji on it

Cyber security threats on your phone can be subtle. That means that we don’t necessarily know where we’re vulnerable, which leaves us even more exposed to attacks that can cost us our money, identities or time.

Phishing

One of the most common threats is phishing – fraudulent emails, texts, social media Social mediaInternet-based tools that allow people to listen, interact, engage, and collaborate with each other. Popular social media platforms include Facebook, YouTube, LinkedIn, and Twitter. messages, and even phone calls.

These messages often ask you to log in somewhere, verify an account with information only you know, or threaten you. They might even try to convince you to download DownloadTransmission of data from a remote computer system onto a local computer system. malware. Cyber criminals will say anything to convince you that they are a legitimate company or person to get you to release your personal data to them or to download their malware MalwareMalicious software ("malware") designed to infiltrate or damage a computer system, without the owner's consent. Common forms of malware include computer viruses, worms, Trojans, spyware, and adware. It can: • Intimidate you with scareware, which is usually a pop-up message that tells you your computer has a security problem or other false information. • Reformat the hard drive of your computer causing you to lose all your information. • Alter or delete files. • Steal sensitive information. • Send emails on your behalf. • Take control of your computer and all the software running on it. .

Malicious Apps

Malicious apps are another common cyber security threat.

They may appear innocent, fun, or useful, but, in fact, are demanding access to an excessive number of permissions on your device.  More permission means more access to personal information that you’d rather not give away.

These malicious apps are often fake apps, but may look and even function like regular apps. The reality is that they can pose a number of cyber security risks – from corrupting your phone with malware to stealing your personal information.

Unsecured Wi-Fi

Another subtle tactic that cyber criminals use in targeting victims’ smartphones is tricking people into connecting to dangerous Wi-Fi Wi-FiWi-Fi refers to a set of wireless communication protocols that can transmit traffic to Wi-Fi enabled devices within a local area. A Wi-Fi enabled device such as a laptop or tablet can connect to the internet when within range of a wireless network connected to the internet. An area covered by one or more Wi-Fi access points is commonly called a hotspot. networks.

The public Wi-Fi at your local café may seem easy to use and helpful,, but beware: criminals will often create fake networks that appear legitimate on your Wi-Fi list. In reality, though, these are traps designed to steal your personal data.

How to protect your smartphone

Use multi-factor authentication

Multi-factor authentication is the practice of using multiple ways of verifying you are you, and that you are the person linked to the account or device you want to use. Multi-factor authentication Multi-factor authenticationA tactic that can add an additional layer of security to your devices and account. Multi-factor authentication requires additional verification (like a PIN or fingerprint) to access your devices or accounts. Two-factor authentication is a type of multi-factor authentication. works by using a password PasswordCombination of letters and numbers you select to secure an account or device. , pattern, or facial recognition at the same time.

This makes it more difficult for cyber criminals to access the information on your device if it gets lost or stolen.

If you can, you should set up multi factor authentication AuthenticationA process or measure used to verify a user’s identity. on your smartphone. Start with a strong passcode, passphrase PassphraseCombination of random words you select to secure an account or device. , or pattern that only you know, and combine it with either facial recognition or a thumb print.

Enable a lock screen and password

Enabling a lock screen and password on your phone is one of the best ways of keeping your phone secure should it fall into the wrong hands. This means that, anytime you try to access your phone, you’ll need to enter a pin (or do something similar like scan your face or fingerprint) to access it.

Another advantage to this feature is it allows you to enable your phone to lock automatically after a certain point. If you leave your phone on (say at a table at a coffee shop) cyber criminals won’t be able to easily access it – it will just lock automatically.

It’s also important to be vigilant when using your phone in public places. Never leave your phone unattended. Cyber criminals could easily access it to gain whatever information they need about you.

Be wary of suspicious messages or phone calls

Never give up your personal information or log-in data if an email, text message or phone call seems suspicious, specially if you weren’t expecting to receive them.

Cyber criminals can try to trick you into giving up personal information by pretending to be a representative from an organization or government agency, such as your bank or the CRA. If you’re not sure whether the message or phone call is real, you should hang up, and contact the company or government department through the contact details on their website. This way you are in control and can use the correct email or phone numbers to verify whether or not the inquiry is real. Don’t forget that the CRA and other government agencies will never threaten you or use aggressive language when contacting you.

Because our phones are connected to the internet and linked to our email accounts, we can receive phone calls, emails, and text messages at any hour of the day, no matter where we are. We might be distracted or tired or busy when we receive these calls or messages. We need to be vigilant about double-checking messages and thinking twice about requests for personal information to avoid falling for phishing PhishingAn attempt by a third party to solicit confidential information from an individual, group, or organization by mimicking or spoofing, a specific, usually well-known brand, usually for financial gain.  scams.

That makes it extra important to recognize what a phishing message might look or sound like.

Look for signs of phishing messages, like spelling mistakes, pixelated logos, and suspicious email addresses.

Read the list of permissions before downloading apps

Time to get the app everyone is using? When you install a new app on your phone, you may be prompted with a permission request. By clicking “OK”, you consent to your phone sharing certain types of information with that app, or you‘re saying it’s OK for the app to access things like your location, camera, or microphone. For some phones, you may need to check your settings to verify permissions.

When you download new apps, you might overlook the fine print like the terms and conditions or privacy statements for the app. They are important to pay attention to, because this is where the app lets you know what it will do with your information. You could be sharing data that you don’t want to part with. Always look closely at what permissions an app will need before you install it. If the permissions seem invasive or confusing, or don’t make sense for what the app is supposed to do, either don’t download the app or delete it if you’ve already done so.

Don’t be fooled by public Wi-Fi

No matter how appealing it is to connect to free Wi-Fi, make sure you’re accessing a network NetworkSeveral computers that are connected to one another. that is secured, verified and doesn’t demand any personal information for you to join. Cyber criminals can create networks that look harmless but are actually malicious. Sometimes they will create a fake network that uses the same name as the one you want to join in order to trick you.

When in doubt, ask an employee which network to use so that you can ensure you aren’t putting yourself at risk of network spoofing SpoofingA website or email address that is created to look like it comes from a legitimate source. An email address may even include your own name, or the name of someone you know, making it difficult to discern whether the sender is real. .
Better yet, you can use a VPN any time you connect to public a network to ensure your data is secure. (Just know that malware can still get through a VPN.)

Conclusion

Our smartphones are incredibly useful devices that never leave our sides. They’re one of our most dependable sidekicks and have undoubtedly earned their spot as our BFF.  They help keep us connected with the world around us. Unfortunately, this kind of connection leaves our phones at high risk for hackers who see an opportunity in the amount of time we spend with them and the personal information they contain.

By staying vigilant and educating yourself about smartphone security risks, you can keep your device safe from cyber attacks.

Related Links

Cyber Security Awareness Month
CSAM 2020 - Theme page
CSAM Resources
Cyber Security Awareness Month Week 2: Phone Week
How you can stay cyber secure when downloading and using apps
Date modified: