- June 4, 2019
- Posted by: Ron Frechette
- Category: Blog, Featured
Cybersecurity Awareness – By Ron Frechette, The Cyber Coach
When most people think about the potential of having their personal, financial, or business information stolen, they rarely consider their smartphone as a threat vector for cyber criminals. It is estimated that American adults spend an average of 11 hours per day on their phones. The smartphones of today are much more powerful than the PCs of yesterday.
In today’s Digital Age, most of us use our smartphones as a primary means for conducting both personal and professional business tasks such as on-line banking, shopping, and/or sending client emails that may contain sensitive information. In our quest to be more efficient, we fail to consider the risks and vulnerabilities smartphones pose for cyber-attacks.
Mobile Device Breaches on the Rise
The number of security incidents involving mobile devices has increased over the past year, simply because we are not protecting our smartphones as well as we do other devices such as PCs and laptops. According to a recent study by Verizon, one in three organizations admitted to suffering a compromise due to a mobile device. Mobile device manufacturers have, for the most part, done a good job building secure mobile operating systems. That said, as the cyber-criminal landscape continues to increase, so does the risk of cyber-attacks on smartphones. Let’s examine how hackers are exploiting our mobile devices.
How Hackers are Accessing Mobile Devices
Malware is making its way onto mobile devices. Like with a PC, you can be tricked into downloading malware to your mobile device. It’s often disguised as something that would entice you to respond.
PCs view mobile devices as storage device, like a flash drive. When you synchronize your phone with your PC, some types of malware can jump to, or from, your mobile device.
Buffer Overflow Attacks
When a program tries to store more data than it was intended to hold, it overwrites adjacent memory caused by a programming error. A side effect of the error can lead to a common type of security attack. These buffer overflows affect data integrity and/or can lead to privilege escalation or remote code execution attacks on PCs. Buffer overflows are being seen more on mobile devices.
Denial of Service attacks are designed to make computer resources unavailable to their intended users. Again, once focused solely on PCs, we are now seeing this type of attack on smartphones.
SMiShing is basically phishing that can be carried out via text message. Cybercriminals use cell phone text messages to entice you into exposing sensitive information.
7 Steps to Secure Your Smartphone
1. Password-Protect Your Phone
Use a complex and unique password. A good password mixes letters, numbers, punctuation and special characters.
2. Set Your Phone to Auto-Lock
Auto-locking will require a password for you to re-enter after a certain amount of time. This feature is imperative in public spaces where many phones look alike and can be accidentally swapped.
3. Use VPN on Wi-Fi networks
Use a VPN whenever possible, especially in public places that offer free Wi-Fi.
4. Turn off GPS, Bluetooth and wireless features
Obviously, when you’re not using them. They drain battery life and thieves can pair their Bluetooth device with yours to hack personal information or even track you.
5. Enable Remote Wiping & Tracking
In the event your phone is stolen, you can remotely lock your phone and even erase its data while the GPS tracks its movement.
6. Verify Before You Download
Before downloading any apps to your phone, always do a quick search to make sure they come from a legitimate site or publisher.
7. Conduct Routine Back Ups
Make sure to conduct routine backups on a computer, USB drive or cloud storage service.
These best practices will dramatically reduce the risk of your smartphone becoming your worst enemy. As we enter the summer months, especially in vacation mode, our cerebral defenses tend to wane as we lie on the beach, listen to music, and sip on our favorite fruity drinks while recklessly swiping and clicking away on our smartphones. Cybercriminals know this and are ready and waiting to strike.
Wishing all a fun, relaxing summer and a safe journey in cyberspace!
GoldSky Security offers small and medium sizes business cybersecurity solutions across the US and currently has offices in Orlando, Denver, Nashville, Phoenix, Tampa & Washington D.C.
Questions? Send me a tweet: @GoldSkyRon or email email@example.com