Are you really doing everything you can to protect private information when you use your smartphone?
Mobile security is barely considered by most mobile users. They know there’s a firewall and some soft of anti-virus program on board, and they usually keep them updated. Users have read or heard the horror stories about hackers and privacy violations, yet more identity theft cases arise from mobile phone use than of stolen mail or hijacked credit reports. When even the security-conscious user takes care to protect privacy and personal information on their computers, why are mobile users the high targets that they are?
Familiarity Bends Defenses
Mobile technology has improved our lives and the world in general: Few dispute that. However, the pervasiveness of smartphone use everywhere prompts a casualness of use that, say, laptop or PC use does not.
People enunciate very clearly ID codes, passwords and account numbers on a smartphone to ensure the correct data is received on the other end of the call. Customer support personnel aren’t usually the ones to “borrow” this information, but the person sitting at the next table or even right next to the user might be. Users think little of their actions, for they use their smartphones all the time.
Types of Information Involved
Full social security numbers, dates of birth, secret question answers, addresses and email addresses are given freely over the phone, whereas they might not be over the Internet.
Credit card numbers, three- or four-digit security or CCV codes and endingdates are spoken without hesitation and at normal volume.
When using a mobile handset to surf the Internet or log into an account online, few people take appropriate visual precautions to prevent someone from seeing the information.
“Typosquatting” or fake websites that mirror familiar ones – especially bank sites or payment processing screens or payers like PayPal – are still quite prevalent in the ether world. People receive what appears to be a bona fide email from an institution, and they still click links that send them to fake websites, signing in and “verifying” their email address, home address and contact phone number, thinking they are complying with a standard security measure.
They click links to “re-enter your credit card information to verify [the institute’s] records,” not correlating their actions as contrary to what they would do on their PCs or laptops.
When funds are stolen, credit cards obtained under their names without their knowledge or permission, never having submitted an application, or even jobs obtained, houses bought and credit destroyed, mobile users often have no clue that it wasn’t a hacker who jacked the data, but it was the mobile user who unthinkingly provided every bit of information.
Certainly, there might be a data snooper app that breeches privacy intentions and gathers information from your calendar or your text messages, but those electronic methods are no longer the primary cause of mobile theft or identity theft: The mobile handset users are, and they don’t often hesitate to provide it, overlooking potential consequences.
You don’t have to cease using your mobile device to check your bank balance or make a purchase online or off. Just be acutely aware of your surroundings.
— Keep your vocalizations at very low volume. Cup your hand around your mouth and the device microphone to prevent those nearby from hearing your voice as you give your SSN, password or other sensitive data.
— Angle your screen away from anyone, keeping it very close to your body as you enter account information.
— If the brightness of your screen is adjustable, dim it to where even you can barely see it as you look directly at it. Test visibility from an angle: If you can still read the print on your screen, it’s time to take your handset away from other people or security cameras.
— Wear a headset anytime you vocalize your information, even verifying you are the owner of your account. It’s entirely possible for a remote microphone to pick up your conversation when using just your handset. Headsets, especially corded headsets, channel the sound directly into your ear canal, vastly reducing the “overspill” to the surrounding area.
— Above all, click no email or text link in a “security check” correspondence. If necessary, use a bookmarked link or surf to the site in question and check validity of the inquiry from a browser. If found to be false, forward the phishing email to the abuse “at” email address of the organization mentioned in the email, just as you would from your PC.
Article by Jaye Ryan, a freelance author who is proud to write about mobile phone safety for MobilePhones.org.uk.
If you found this article useful, don’t forget to share it by clicking one of the buttons below. You can also share your thoughts in the comments section below.