Cell phones and tablets hold private data such as credit cards, airplane tickets, and previous GPS destinations, but is this data protected? Recently, Jeff Bezos, the CEO of Amazon, iPhone was hacked by using a phishing technique of sending a malicious video through WhatsApp. Jeff Bezos has the top cybersecurity executives of the world working to make sure his data and confidential information is safe, but as with all security procedures, there is no such thing as too much. In this post, we will go over important phone security procedures to make sure your phone is not compromised.
1. Install the Latest Operating Systems
Keeping all software up to date on your phone is an essential cybersecurity practice that everyone should follow. Having the latest firmware and updates ensure that any vulnerabilities or issues that were discovered with previous versions are patched and fixed. WhatsApp, for example, is a very popular instant messaging service that is used throughout the world and is updated and patched infrequently to keep the platform safe and secure. Once a vulnerability has been discovered in software, hackers act very quickly to do what they can to exploit that said vulnerability. If your software has not been updated to the latest version increases the risk of your phone not being fully protected. An easy solution is to let your phone auto-update once a new software update is available.
2. Be Careful While Using Public Wi-Fi
Public Wi-Fi is always sketchy because you do not know who else is connected to the same network and what their intentions are. While someone hacking into your specific phone while on the network has become harder with new updated operating system security software; however, there is still a chance that someone could be looking at the traffic coming from the network. This can allow the hacker to perform various cyber-attacks to get your private information such as man in the middle attacks. An easy solution is to avoid public Wi-Fi use if possible and use a VPN while browsing on public Wi-Fi if you must.
3. Beware of Phishing Attacks
The most common way for a phishing attack to occur is over e-mail, but it can happen through any transmission of attachments or links. Any app that allows the ability to send and receive messages opens the opportunities for hackers to send phishing attacks directly to you. A phishing attack is when a hacker sends a malicious attachment or link that installs malware on your device without you even realizing it. Most phishing attacks can be identifiable before clicking the link by verifying the sender and reading the message along with the link or attachment sent. Even if the sender is someone on your friend's list or someone you know, it is still important to be careful because their account or profile could be compromised. In order to prevent phishing attacks, you must carefully read the message and verify the sender before accepting or clicking on any external links.
4. Only Install Verified Applications
Installing malicious apps is an invitation to a hacker to steal all your data and private information. Altering or “Jailbreaking” your phone is not a good idea from a security standpoint because it can drastically increase your risk of downloading a malicious application. Before a phone application can be offered on the app store, Apple and Google verify the apple and make sure that it will not harm the user’s phone in any way. With IOS every app on the app store has gone through some verification process to allow it to be on the app store, and Android systems will verify apps on the google store. It is also a good practice to read the user reviews under applications to ensure it is not a malicious application.
5. SIM Swap Attacks
Hackers use SIM swap attacks to hijack a victim’s phone number, instead of focusing on the device itself, hackers target the user's phone service. After gaining access to a user’s phone number hackers can easily access applications or services that used two-factor authentication using text or call methods, and access private information the victim once thought was protected. In order to carry out a SIM swap attack, a hacker must have a non-active SIM card which they activate using the victims' phone number on a new device. This can be done by going inside of a retail cellular service storefront or by calling the 1-800 customer care phone number. Once the SIM card has been activated a hacker can access and change your banking and social media profiles. Good ways to thwart hackers from successfully hijacking your phone number is to make sure you have a verification pin on your cell phone service account that only you know. This adds an extra step by requiring the hacker to know a 4 to an 8-digit PIN that is required to make any changes to your cellular account.
Interested in learning more about Cybersecurity? Enroll in our 5 -day Bootcamp and learn what it takes to become certified cybersecurity professional. Call 703-535-8600 today for more information!
SecureNinja is an award-winning training and certification school, and SecureNinja has a proven track record of assisting Fortune 100, Government, and Military organizations. For more information on how SecureNinja can benefit you or your organization fill out the form to the right of this post or visit secureninja.com/contact.