Mobile Devices

Data Leakage

Mobile apps are often the cause of unintentional data leakage. For example, “riskware” apps pose a real problem for mobile users who grant them broad permissions, but don’t always check security. These are typically free apps found in official app stores that perform as advertised, but also send personal—and potentially corporate—data to a remote server, where it is mined by advertisers, and sometimes, by cybercriminals.

Ensure to properly scrutinize applications and only give apps the permissions that they absolutely need in order to properly function. And steer clear of any apps that asks for more than necessary.

Unsecured Wi-Fi

No one wants to burn through their cellular data when wireless hot spots are available—but free Wi-Fi networks are usually unsecured. According to V3, in fact, three British politicians who agreed to be part of a free wireless security experiment were easily hacked by technology experts. Their social media, PayPal and even their VoIP conversations were compromised.

To be safe, use free Wi-Fi sparingly on your mobile device. And never use it to access confidential, work or personal services, like banking or credit card information.

Network spoofing is when hackers set up fake access points—connections that look like Wi-Fi networks, but are actually traps—in high-traffic public locations such as coffee shops, libraries and airports. Cybercriminals give the access points common names like “Free Airport Wi-Fi” or “Coffeehouse” to encourage users to connect. In some cases, attackers require users to create an “account” to access these free services, complete with a password. Because many users employ the same email and password combination for multiple services, hackers are then able to compromise users’ email, e-commerce and other secure information.

In addition to using caution when connecting to any free Wi-Fi, never provide personal information. And whenever you are asked to create a login, whether for Wi-Fi or any application, always create a unique password.

Because mobile devices are always powered-on, they are the front lines of most phishing attack. According to CSO, mobile users are more vulnerable because they often monitor their email in real-time, opening and reading emails when they are received. Mobile device users are also more susceptible because email apps display less information to accommodate the smaller screen sizes. For example, even when opened, an email may only display the sender’s name unless you expand the header information bar.

Never click on unfamiliar email links. And if the matter isn’t urgent, then let the response or action items wait until you’re at your computer.

Smishing

Like phishing scams, cybercriminals attempt to trick people into downloading malware, clicking on malicious links or disclosing sensitive information. A smishing attack is launched through text messages instead of email.

View tips for protecting against smishing in the IT security page on Manitoulin group of companies IT portal

Keep your phone locked

One potential threat is getting your device is stolen, which could give the thief complete access to your personal information. To prevent this, be sure to have a lock on your screen. Whether this is a passcode, pattern, fingerprint or face recognition is up to you and your device’s capabilities.

When enabling a lock screen you’ll have the option to choose how long the phone can be idle before locking. Be sure to choose the shortest amount of time. This will protect you, by automatically enacting the lock screen even if you forget to lock it yourself. It will also save your battery because the screen will go dark after the set amount of time

Set Secure Passwords

Setting strong passwords on your apps will make it harder for a hacker to guess them. It’s also suggested to set a different password for each app. This way if one password is discovered, the hacker won’t have access to all your information.

Also change default passwords and enable two factor authentication if available

Keep Your Device’s Up-To-Date

Mobile phone operating system updates are intended to improve your experience. This could entail anything from performance to security. Although they happen frequently and users tend to click through quickly or ask the device to remind them in the future, it’s important to stay up to date with these. These updates can protect both iOS and Android devices from newly discovered threats. To check if your phone’s OS is up to date, go to “about phone” or “general” and click “system updates” or “software update.”