Mobile devices are being increasingly targeted as they become one of the primary ways in which we interact with the world and Internet at large and thus the proliferation of mobile malware is on the rise as well. It’s possible, though not always the most practical, to use a tiny mobile device for all of your needs, including banking and anything else that includes sweet personal data that someone else might want to take from you. Why make your own money when they can simply take the fruits of others. A full 57% of smartphone users fully bank using those devices, according to Pew research.
Mobile Malware is a problem, but there are still plenty of ways to be safe
Because they’re such intimate parts of our lives now, with nearly two-thirds of Americans owning a smartphone, there could potentially be far more data lying within that you don’t want others to have. Not to mention the metadata that you willingly give companies (or halfheartedly click agree to) when using their apps. There are, however, plenty of ways to keep yourself secure, not the least of which is being very diligent in your browsing.
Make sure to lock your phone. Always have some sort of password or at the very least a PIN to protect it. If you can, also add in some bio metrics if your phone supports that. Though we worry about those that can simply copy your fingerprint to gain access, it’s actually quite a bit more complicated than most would have you believe.
Encrypt your data. Always encrypt your data because it really doesn’t have much of a performance hit on accessing storage anymore. Despite the small issue with the Nexus 5 and Qualcomm devices, it should be common practice and standard procedure.
Set up remote wiping. It might seem like a no-brainer, but I too have glossed over it a few times. Always give yourself the upper hand in a bad situation. This would let you delete everything so nothing is available to your would-be attackers.
Back up everything. Always make sure you backup your most sensitive data, and always encrypt those backups just in case someone wants to carve through those backup files. If you simply keep things synced through appropriate third-party services, than make sure your passwords to those are complex and not so easy to crack.
Avoid apps from third-party stores. There’s no good reason to get an app from a non-approved app store, because this is a common way to spread mobile malware through the mobile sphere. You’re in luck on an iPhone and don’t really have to worry, but with side loading of Android apps there are plenty of opportunities to find non-legitimate apps that are likely to include some kind of malware. If you absolutely must get an app not from the appropriate stores, research furiously and ensure you’re able to check the hash of the app before side loading.
Don’t Jailbreak or Root your iPhone or Android device. Just don’t, unless you’re specifically researching something or absolutely need something that can only be achieved through unlocking your device. Most of the time there’s really no need unlock your phones operating system, and for the majority it presents a security risk. Not to mention it’s far easier to make a logical copy of your device when it’s unlocked like that. Doing this makes you an easier target for mobile malware makers.
Update often. I never recommend being the guinea pig, though always update to the newest version of your particular OS shortly after it’s released. Mobil malware is always evolving, so you should be looking to evolve your operating system right along with it.
Beware social engineering. Despite it seeming like something out of a movie, social engineering is pretty effective in the hands of a professional. And with those third-party app stores they love to spoof apps to get you to enter your details. They also like to craft strangely accurate emails to try to goad you into giving up those details and personal information as well. Be careful and always look to the message source to see if the email its coming from is legit and be wary of things you aren’t expecting. Always question and be skeptical.
Be careful on public WiFi. Public WiFi hotspots are ripe for the picking of your data, even with an SSL connection between you and the sites you visit and that apps may use. It’s relatively easy to break through SSL and just capturing the data can make it vulnerable after a bit of processing anyway. Consider using a VPN, paid or free, when surfing over public WiFi hotspots. They can potentially be a big danger.
Again, these are just a few things that can keep you safe, but with diligent enough browsing habits and an eye toward skepticism, you’ll likely be fine. Also, consider looking at encrypting your emails to those you trust and asking them to kindly do the same. You can find our tutorial helpful in setting that up on the desktop.