Keeping Your Mobile Phone and Smartphone Safe When You’re On The Go
Phone hacking conjures up images of sophisticated high-tech espionage—and it is. But it really isn’t as complicated or as sinister as it sounds. Voicemail spying simply entails breaking into someone else's voicemail.
Fortunately, it’s not hard to protect your mobile devices.
- Password-protect your mobile device and voicemail with a PIN. Make the password strong and hard to guess by using numbers, upper and lower case letters, and at least one symbol.
- Memorize your PIN. Don’t record it on anything you carry with you. Change your PIN periodically.
- Use “strong” PINs that are hard to guess. These will have numbers, upper and lower case letters, and at least one symbol. For example, “3Dog$” is better than “1006.” You may be limited in PIN selection by the type of phone that you use, but do the best you can to create a strong PIN.
- Never use a PIN (or password) using any number sequence in your Social Insurance number, your date of birth, your middle name or anything else that’s easily guessed or subject to ready access via other sources.
- Arrange phone settings so the screen locks after a short period of inactivity. Arrange phone settings so a password is required to wake up your phone after an inactive period. Use a password that’s different from your others (ATM, email accounts, online bill-paying accounts).
- Download anti-virus software and enable firewall protection for your cell phone. Make sure to update it regularly. Take note: Failing to update software is like being a member of a gym and not working out–looks good, sounds good, but does nothing for you.
- Get out the pen and paper or your PC. Seriously. Make a physical list of everything on your smartphone—all the accounts and documents (or types of documents) it can access.
- Encrypt smartphones used for sensitive business communications, activate a timeout password and install an updated anti-malware program and on-device personal firewall.
- Don’t open unfamiliar attachments, emails or text messages from unknown sources. They’re likely to be harmful.
- Be judicious about the type of applications that you download. Many apps come with spyware or other malicious software. Consider using a more secure computer for sensitive tasks such as online banking.
- Delete voice and text messages with financial or personal information.
- Data-wipe mobile devices. Use programs to destroy a device’s data if the password is entered incorrectly a certain number of times—say 10. Take advantage of software that locks the phone or erases the data remotely if the phone is lost or stolen.
- Delete data on mobile devices. Before throwing away or recycling a mobile device, delete the information on it.
Using Mobile Banking
Before using mobile banking apps for smartphones, make sure your phone is protected by the best security available. That means taking some time to educate yourself on how to recognize malicious attacks and enable security features.
- Read the fine print. Does your bank’s app allow you to delete all banking-related messages, pictures and other data saved on the phone? Can you disable the feature that automatically signs you in to your online bank account the minute your phone is turned on? Once connected to your account, will the app automatically disconnect after a certain period of inactivity? If the bank answers “No” to any of these questions, find a new bank.
- Make sure your phone has an application to encrypt all stored data. Then, use it to protect sensitive messages from your bank and pictures of valid checks.
- Set up your phone to encrypt data. Photos of checks and other sensitive banking data may be stored on your phone’s memory expansion card. Even if the phone itself is secured with encryption, the card probably isn’t. Note that older phones may not have enough power to run encryption software. Learn how to secure an iPhone here.
- Download anti-virus software and enable firewall protection for your cell phone. Make sure to update it regularly.
- Never respond to email messages from your bank that request personal information. Banks never ask for this information by email. Mark it as spam, and delete it. Next, delete all your cached content (sent messages, received messages, etc.) on a regular basis. Finally, check your browser security settings to help filter out phishing emails.
- Be skeptical about text messages. Before opening a text that appears to be from your bank, and especially before hitting “reply,” call your bank first to make sure the message is actually from them.