Mobile devices like smartphones and tablets are basically small portable
computers. Just like your computer at home they can be hacked, infected
with a virus and, if unsecured, provide access to your personal information.
Protect yourself and your mobile device
Keep your mobile device with you at all times. Remember if your mobile device is unsecured and it is lost or stolen:
- it could be used to access your money or to steal your identity using information on your device
- you may have lost irreplaceable data (if it is not backed up)
- it
may provide access to your social media accounts which could enable
someone to pose as you, or steal your identity using your profile
information (such as your date of birth and photo)
- someone may use your phone or its Subscriber Identity Module (SIM) card and rack up telephone charges to your account.
Secure your mobile device
- Turn on the security features of your device – all devices have
them. Contact your manufacturer or service provider for instructions, or
look them up online.
- Set a password or Personal Identification Number (PIN) that must be entered to unlock the device and put PINs on your SIM card and voicemail.
- Install reputable security software – your device's manufacturer can provide recommendations.
- Update your device's operating system as soon as new updates are available. Set them to update automatically when connected to wi-fi to keep data costs to a minimum.
- Leave
your Bluetooth turned off or in undiscoverable mode (hidden) when you
are not using it. When connecting using Bluetooth, do it in private,
uncrowded areas only.
- Use encrypted wi-fi networks that require a password and ensure your device does not automatically connect to new networks.
- Record
the International Mobile Equipment Identifier (IMEI) of your handset, a
15 or 17 digit number usually printed on a label under the battery. If
your device is lost or stolen, you can report this number to your
provider and they can block the handset from being used.
- Use remote tracking (via GPS), enabling the locking and/or wiping functionality if your device supports it.
Secure your information
- Back up your data regularly, either when you synchronise it with a computer or on a memory card.
- Do not save passwords or PINs as contacts on your phone.
- Avoid online banking over public Wi-Fi or in busy public areas. Passers-by could be watching what you are typing (known as shoulder-surfing).
Using applications (apps) on mobile devices
Many apps have the ability to collect and transmit data from your
device about your personal information, location, contacts and messages.
You can control the personal information accessed by the apps by
choosing permissions at the time of installation.
Be careful of downloading hoax or malicious software that could contain a virus
or malware. Always source your apps from reputable providers and review
the feedback other users leave. If you are unsure why an app needs
access to your contacts, calls, photos or location, see if there is an
alternative
app available that has the same functionality that you require.
Be smart about how and where you use your mobile device
- Stick with reputable sites and applications when downloading anything from the internet.
- Do not download content, particularly applications, from unknown or unreliable sources. They could contain malicious software.
- Turn GPS settings off when not in use as this can be used to track your location.
- Log out of websites when you are finished.
- Think
before you click. Do not open anything unless you are expecting it and
it is from a trusted source. It could contain malicious software or take
you to a malicious website.
- Change your settings so that your device asks permission to join any new wireless networks.
Protect against malicious software (malware)
Viruses, spyware, trojans and
worms are all types of malware. Malware is software designed to be
installed into a computer system to cause harm to the user or others.
Malware can track your movements in the real world and steal information (including passwords) for the purposes of identity theft or crime.
- Watch
out for prompts or warnings asking if you want to allow software to
install or run. If you do not know what it is, do not accept the prompt.
- Avoid
'rooting' or 'jailbreaking' your device. Rooting or jailbreaking
involves intentionally bypassing software restrictions in the device to
enable additional flexibility or functionality, but it also bypasses
security restrictions exposing your device to malware threats.
- Only
use legitimate app stores: avoid 'side loading' from third party app
stores, as these are more likely to harbour malware (even in seemingly
legitimate apps).
- Check app permissions. When an app is
installed it has to ask the user for 'permission' to use specific types
of functionality. Consider whether you want that app to have access to
your information.
- Keep a close watch on your billing
information. Some malware makes money for scammers by sending SMSs from
your device to premium-rate numbers. Contact your carrier immediately if
you see any unexpected activity on your account.
Symptoms of malicious software infections
Your device may have been infected with malicious software if any of the following things have happened:
- There is a sudden increase in your phone or data bill with no clear reason.
- Your device has emails and messages in the sent folder that you did not send.
- The user interface changed without you taking any action to change it.
Contact your service provider for instructions on how to identify and remove malicious software.
Using public wireless networks
Public wi-fi 'hotspots' in public
places like cafés, airports, hotels and libraries are convenient but
unlike your home computer, use of public hotspots involves security
compromises. It is easy for other users to intercept your data, so be
careful about what information you send or receive while connected.
Try and limit activity when connected to a public wi-fi network to web browsing and avoid banking or any other activities that involve user password access.
Avoid
using hotspots that are run by people you do not know or trust.
Criminals can set up hotspots known as 'evil twins' and 'rogue hotspots'
to steal users' information.
Always try and use encrypted (password protected) networks.
|