Your smartphone is your confidante, your hand-held connection to the world â€” and one of your biggest vulnerabilities.
Scammers can take advantage of day-to-day tasks that seem innocuous, like checking a bank balance or charging a phone at a public USB port, to exploit personal information for their profit.
To keep that data safe, start by understanding the threats you face. Your phone has three main areas of vulnerability: its hardware, its software and your phone number. Each carries a risk, and there are steps you can take to mitigate them.
A four-digit passcode alone isnâ€™t enough to secure your phoneâ€™s hardware from intruders.
One weakness comes from the charging port. Think twice before plugging into a public USB jack for a quick charge at a cafe or airport.
â€œAny time youâ€™re using a mobile port, you can be vulnerable to viruses or malware if youâ€™re sharing it with other people who are plugging in their devices,â€ says Lisa Schifferle, ID theft program manager at the Federal Trade Commission.
Using a public charging port at an airport is like â€œfinding a toothbrush on the side of the road and deciding to stick it in your mouthâ€ Caleb Barlow, vice president of X-Force Threat Intelligence at IBM Security, recently told Forbes
Hackers can modify these ports to install malevolent software, aka malware, on your phone. Once installed, it can transfer your phoneâ€™s data to hackers. The hacked USB ports can also directly suck up your phoneâ€™s information. To avoid the risk, use your USB cord with your own charging block that can plug into a standard electrical outlet, or use an external battery pack.
For daily security, go beyond the four-digit passcode if possible, says Gary Davis, chief consumer security evangelist at the cybersecurity company McAfee.
â€œPasscodes arenâ€™t as effective as biometrics, like fingerprint readers or facial recognition software, because people can do shoulder surfing to see your passcode and get into your phoneâ€ if they steal it.
Software and network risks
Scammers can target your personal information using unsecured wireless networks and software vulnerabilities.
Network risks: Be wary of public Wi-Fi networks.
â€œWe advise against using public Wi-Fi, but if youâ€™re going to use it, avoid logging in to sensitive accounts,â€ says Allen Spence, director of product leadership at IDShield, an identity theft protection company.
To protect yourself from inadvertently using insecure Wi-Fi networks, adjust your phone settings to avoid auto-connecting to Wi-Fi.
Software: Hackers can exploit vulnerabilities in phone software. Schifferle of the FTC suggests consumers routinely check for and download software updates for their phones, because updates often include security patches.
Phone number vulnerabilities
There are two common ways that scammers target your phone number: robocall scams and phone number theft.
Robocalls: U.S. consumers fielded nearly 48 billion robocalls in 2018, according to an estimate from robocall blocking service YouMail. That was a 57% increase from 2017.
A common scam comes from supposed representatives of the Social Security Administration requesting you give your personal information or your benefits will be cut. If you get a call from a number you donâ€™t recognize, donâ€™t answer. Thatâ€™s the best way to ensure you donâ€™t get caught up in a phone scam. And know that government agencies like Social Security and the IRS wonâ€™t call you out of the blue seeking your personal information.
â€œYou should never give personal info or money unless you have initiated the call,â€ Schifferle says. If you answer a call and realize it may be a scammer, hang up, she advises.
If you suspect your personal information was stolen by scammers, file a report with the FTC at identitytheft.gov
Phone number theft: Scammers are stealing phone numbers, which can leave you vulnerable to other forms of identity theft.
The scam is clever: A malevolent actor calls your cell phone carrier pretending to be you, and after confirming some key information such as your motherâ€™s maiden name, transfers your phone number to their device. You may not find out this has happened until you go to make a call and find that your SIM card has been deactivated.
Because phone numbers are often used as security keys, hackers may be able to get into many other accounts once they have access to your phone account. Make it harder to penetrate by avoiding common security questions, Davis says. â€œWhen you set up your security questions and answers, make sure youâ€™re using really challenging questions that are going to be hard to figure out.â€
This article was written by NerdWallet and was originally published by The Associated Press.Â
More From NerdWallet
- Renting Isn’t the Ripoff It’s Made Out to Be
- How I Bought a Home in Atlanta
- Will You Be a Scam Artistâ€™s Next Target?
Sean Pyles is a writer at NerdWallet. Email: email@example.com. Twitter: @SeanPyles.
The article Neutralize the Digital Threat You Carry Everywhere originally appeared on NerdWallet.