Mobile phones are incredibly powerful communication tools, but they are inherently insecure. For many of us, it is our primary device and keeping it secure is as important if not more important than securing your computer. Learn how you can keep yourself, your personal information, and your friends and family safer.
DON′T WAIT, UPDATE!
When you update your mobile phone’s software or applications, it fixes problems and removes security holes.
THINK BEFORE YOU CLICK
Don’t just open attachments or click on links you receive in your email, Facebook, WhatsApp, and other communication apps
TURN ON 2-STEP VERIFICATION ON GMAIL & FACEBOOK
Add an extra layer of security by turning on 2-step verification.
YOUR PHONE CAN TRACK YOU
As long as you are connected to a cellular tower, your location can always be tracked.
YOUR PHONE CAN LISTEN TO YOU
You might think your phone is just for talking or chatting with your friends. But did you know your phone is also listening to you?
THINK TWICE BEFORE YOU USE WECHAT
Installing WeChat on your phone is like inviting the Chinese government to spy on you.
Smartphones will ask you to update their built-in software every now and then, and, more frequently, you will be prompted to update your apps.
Like computers, Apple iOS, Android and Windows Phone operating systems and apps have security vulnerabilities in them that are discovered over time. These weaknesses, when known to the companies that make the software, are fixed (or “patched”) through a software update sent over the Internet and mobile networks
When ‘System Update Available’ notifications pop up on a smart phone, most users have the tendency to either ignore or swipe them away. Doing this means increasing the risk that the phone may be successfully compromised as most hacking attacks target old and out-of-date versions of the built-in software
Have you ever got these kinds of messages containing links on your messaging apps on your mobile devices from an unknown person?
“You have won ₹50,000/-, click on the link to get the prize”
“Watch the video of the latest self-immolation in Tibet?”
“We detected fraudulent activity on your Facebook account. To reset password click on here”
What did you do?
If you have clicked on the links sent on your apps like Facebook messenger, Whatsapp and Instagram, there is a high possibility that your device is compromised. This kind of attack can be from an unknown contact or a known person. Which can infect your mobile phone with malwares that steals information from your phone.
When you see links sent from a suspicious or even known person, don’t click on it right away. .
Always copy the link and paste it on https://www.virustotal.com/gui/home/url to check if the link contains malware. These kinds of links may contain malwares so the best option would be to ignore the message or block the person.
Making your password alone doesn’t make you safe from phishing attacks, Turning on 2-step verification on Gmail and 2-factor authentication on Facebook adds an extra layer of security. Even if a cybercriminal has your credentials, it is not possible to login without the six digit number or one time password which only you will get on your phone either through SMS or via Gmail app or Authentication apps.
- Your SIM card stores identifying information. Each SIM belongs to a specific mobile provider, who knows what phone number it is associated with, and any information you provided when you bought the SIM card.
- Your phone handset also has a unique number. It is called the IMEI number, and it can be tracked at all times. You can dial #06# or look inside the battery compartment of your phone to find the IMEI number.
1. If you don’t want to be identified, change your SIM Card AND your phone. Changing only one of them is not enough.
2. Use pre-paid SIM cards that aren’t registered in your name.
3. Buy a cheap, low-tech mobile phone that you don’t mind throwing away if necessary
Your phone is designed to give out information about your location.
As it tries to find the strongest network signal, your phone is constantly connecting to every mobile network tower near you, identifying your location and registering your SIM and IMEI numbers. By figuring out how far away you are from each tower, your location can be pinpointed.
Many phones also now have GPS, which identifies your location even more precisely. This location information can also be embedded in other data such as photos, SMS and internet requests that are sent from the phone.
- Take your battery out of your phone when you don’t want your location or movement patterns to be broadcast. Switching your phone off is not enough.
- Turn off GPS if you are concerned about your location being identified.
Mobile phone providers have full access to the calls and text messages you make on their networks, which can be listened to and recorded. Governments can also usually access this information.
Your phone can be remotely set to act as a microphone for others to listen to your conversations, even if you are not using your phone at the time.
- Be aware of what you are saying in calls and text messages. Try to avoid sharing sensitive information or speak in code if you need to.
- To prevent your meetings or conversations from being heard, take the battery out of your phone or leave it somewhere far away. Switching your phone off is not enough.
Records about you, your contacts, and your calls, messages, and other communications are accessed and stored on WeChat’s servers in China. Like any Chinese company, the owners of WeChat must give the Chinese government access to all of this data.
- If you have WeChat on your phone, be aware that everything you do could be monitored and that you could be putting your contacts at risk. Be very careful about doing or saying anything sensitive.
- Try deleting WeChat and using a safer messaging app like Signal or Zom instead.
Do you ever read the permissions you give an app before you install it? Most of us do not have the habit of doing so and if even if we do, we would be baffled by the kind of permissions apps ask that have nothing to do with how it functions.
For example, flashlight’s purpose is to provide light. So it would definitely require access to our camera since it uses the camera flash for the light. But why would a flashlight need access to our phone records, photo gallery, and contacts?
Many of these apps act similarly to malicious software, they are more interested in our data.
A few more things to remember to help you stay safer on a smartphone:
- All the data you store on your phone is vulnerable – photos, videos, contact list, emails, messages. Be careful what you keep on your phone.
- Turn off and disable your WiFi and Bluetooth whenever you aren’t using them so they aren’t broadcasting.
- What keeps you safer on a computer keeps you safer on a phone, too:
- Think Before You Click! Don’t just click on random attachments and links.
- Detach from Attachments! Use file sharing services like Google Drive, Dropbox instead of emailing attachments.
- Make Your Passwords Long and Strong. Use at least 12 characters with unpredictable combinations of upper and lower case letters, numbers, and symbols. Set up a passphrase password to access your phone.
- HTTPS Keeps you Secret – Safe – Secure! Choose apps that use HTTPS encryption at all times.
- Choose communication apps that provide end to end encryption like WhatsApp, Signal and Zom for your communication.
Use reputable, secure app alternatives like those from https://guardianproject.info/apps