Cell Phone Security
How to Get Others Onboard for Safer Mobile Browsing
The struggle continues. Last year I convinced my husband to give up carrying a piece of paper in his wallet with all his passwords on it. Last week I found he now has them stored in his unsecured cell phone rather than using the password locker I installed. While we use our mobile devices like pocket computers, the number of phone security breaches continues to rise sharply. If you have a friend, family member or staff that are lax in cell phone security practices, here are some alarming statistics, as well as strategies for safer mobile browsing.
The scope of the problem
According to Statista, over six billion people worldwide use smartphones, including 85% of Americans. We are not just using them as phones–mobile devices can do pretty much anything a laptop computer can do, including tapping into $47 billion in mobile e-commerce spending.
Mobile malware was already on the rise pre-pandemic, increasing 54% in 2018. Now it’s an epidemic. Bad actors are not just going after individual cell phones, they’re threatening broadband service providers with ransomware.
Verizon estimates that third-party app stores host 99.9% of discovered mobile malware, with 98% of mobile malware targeted at Android devices.
Security researchers at Kaspersky discovered over 100,000 mobile banking trojans in 2021, noting this figure had almost doubled over the previous year. Kaspersky explains there are fewer, but more sophisticated mobile attacks that are harder to detect. Sometimes malicious apps are disguised as legitimate apps. As mobile banking and payment apps become more widespread, there is a greater chance of attacks by cybercriminals.
Steps to increase your mobile security
The following recommendations are included in Kaspersky’s Mobile Threats in 2021 report. You can keep up with mobile threats on SecureList.
Download apps from an official store. While not foolproof, it is safer to download your apps only from official stores like Apple App Store, Google Play or Amazon Appstore. Apps are reviewed and filtered before they are allowed in these stores.
Check the permissions of apps. Is an app asking for access to something unrelated, like a flashlight app asking to access your camera? Review permissions and decide if downloading that app is worth the risk.
Have a security solution on your phone. You have anti-virus/malware protection on your computer (hopefully!). Treat your mobile devices just like any other computer and install quality protection. Some solutions offer protection across all internet connected devices. The best line of defense is a good offense.
Use your phone’s privacy controls. On iPhone, users can block app access to photos, contacts and GPS features. No matter what phone platform you are on, review your privacy controls and beef up your device security.
Keep your operating system updated. Don’t perpetually delay when your phone wants to do an update. Operating system and app updates often deploy safety solutions, so keep them up to date.
As an Amazon Associate, Arvig earns from qualifying purchases.
Convincing others to secure personal mobile devices
I’ve made progress getting my husband on board with a password locker. If you have a stubborn spouse, kids who ignore device security, or employees that use personal devices, these tips may help.
- When your family asks for a password, direct them to look it up in the family password locker that you have set up. Make sure the password locker is organized well and easy to access, even for the lowest tech member of the household.
- A password locker is not the only line of defense. At a minimum, encourage two-factor authentication on email, financial information and healthcare access. Show your partner, kids and staff how to recognize a phishing email.
- Act as the IT department for your household or small business. Require that sensitive and financial information is only accessed from your secure home or office network, where you control additional security measures. Or, at a minimum require that others use a VPN and mobile anti-virus/anti-malware software if they are going to access banking and other vulnerable information on the go.
- Avoid unsecured public networks (Starbucks, the library, etc) from a mobile device, or at a minimum apply a VPN and mobile anti-virus/anti-malware software.
- Ask employees not to access company information from personal devices. If you must allow this, treat their mobile device like any other outside computer that accesses your system–require two-factor authentication and limit access. Also, require their mobile to have a lock screen which is pin or password protected.
We can’t afford to ignore mobile security, either for our personal or business devices. Device security is always a game of cat and mouse–as soon as devices or their systems become more secure, criminals find new vulnerabilities. We only have to look at threats like BRATA, that wipes out one’s bank account then factory resets the infected phone to drive this point home. Accept that fraud is always going to be with us, and is on the rise. Take steps to protect your phones and tablets as part of your overall computing security plan, and help others in your sphere do the same.