A staggering 96% of Americans have a cell phone, while 81% own a smartphone, according to Pew Research. Internet usage is increasingly mobile, with a fifth of Americans now using smartphones as their primary means of online access.
As mobile devices have grown in popularity, many services and even the internet itself have evolved to accommodate them. We shop on our phones, we take and share photos, we bank, we send messages, and we use a wide variety of apps and games. Our phones hold some of our most intimate secrets and sensitive data, so it’s wise to take some simple precautions to ensure your mobile devices aren’t compromised by cybercriminals.
1) Use Login Protection
Mobile devices always have a secure login option. Most modern smartphones use biometric security, enabling you to unlock your device with your fingerprint or your face. Older devices use passcodes or PINs. Despite these measures being available, many people leave their phones unlocked. As many as 52% of people surveyed by Kaspersky Labs admitted that they don’t password-protect their mobile devices.
Think of all the things a thief could access if they got a hold of your smartphone. Failing to set up a password or PIN is like leaving your front door unlocked. Always set up login protection.
2) Be Wary of Public Wi-Fi
With free internet access at cafes, restaurants, airports, hotels, and in many other public spaces most of us are used to connecting wherever we happen to be. But public Wi-Fi hotspots may not be what they appear to be. Any enterprising cybercriminal can set up an access point near a café or from a parking lot and give it the venue’s name. If you connect, then all the information you send will be routed through the hacker’s own hotspot.
You could fall victim to a man-in-the-middle attack or be redirected to a fraudulent website designed to steal your login credentials. Never access sensitive data or web services using a public Wi-Fi connection. Verify URLs and look for secure HTTPS/TLS connections with the lock icon in your browser.
3) Consider The Apps You Use
While Google and Apple have stepped up their security and routinely scan the apps in their app stores, there are still occasions when malware sneaks in. Even legitimate apps will often collect data about you that you may not want to share. Third-party app stores often contain malware, and jailbreaking or side-loading can bypass your mobile device manufacturer’s security measures.
A malicious app could potentially give control of your phone to a cybercriminal and allow them to access everything. Get rid of any apps you don’t need, consider the app developer, and always question the permissions that the app is asking for.
4) Be Vigilant For Phishing Scams
Because of the way we use mobile devices, the risk of phishing is heightened. A text or email may come in when we’re distracted and busy, which may be enough to lead us to tap on a link without thinking. Innocuous-looking links in text messages, social media messages, or emails can trigger malware downloads and give hackers access to your photos, banking information, and more.
Always consider the sender and even when you recognize the name look closely to make sure the address or number is correct. Never tap on links in unsolicited emails or messages.
5) Spyware Is A Real Threat
There are lots of spyware or stalkerware apps out there that track your location and potentially even spy on your messaging and other activity on your phone. Usually, these kinds of apps have to be physically installed by someone, but remote installation is possible in certain circumstances. Leave an unlocked phone unattended and a bad actor can install spyware on it in a matter of minutes.
Always use login protection and never share your passcode or PIN with anyone. Be aware of the possibility of phishing scams. You should also be careful not to use work devices for personal reasons, as employers can legally snoop on anything that’s done on a device they own.
6) Employ Free Security Measures
Aside from login protection, most mobile device manufacturers offer some form of tracking, and sometimes even remote controls, for lost or stolen smartphones. Take the time to check what free security measures are on offer and to set them up. Make sure you have a secure record of any login details you might require for these services should your phone go missing. It’s also a smart idea to regularly back up any precious files, such as photos and videos.
Keep in mind that additional security services will be rendered useless unless you use a passcode or PIN to prevent any thief from gaining easy access.
It’s relatively easy to secure your mobile devices and it won’t cost you anything, but it could save you a lot of trouble.
About the Author
Stu Sjouwerman is founder and CEO of KnowBe4, developer of security awareness training and simulated phishing platforms, with over 35,000 customers and more than 25 million users. He was co-founder of Sunbelt Software, the anti-malware software company acquired in 2010. Stu is the author of four books, his latest being “Cyberheist: The Biggest Financial Threat Facing American Businesses.” He can be reached at [email protected].
QUICK LINKS 
