Smartphone Security

Many of us use our phones for everything, from the traditional use of making and receiving phone calls to paying for items in shops and online.  We may use them to access our bank accounts, possibly even to create video content for our social media or as a commercial activity.

Many of our security products can be managed from a smartphone with access to CCTV footage, management of access control systems and intruder alarm management all accessible via your mobile.  When we add this functionality into the mix we can see just how much we rely on our phones for the important aspects of our lives – what would happen if you lost your phone?

Losing our phones is one thing, but having them hijacked by scammers is another matter altogether.  Because you still have your phone, you’re not at all concerned that someone else has access to it in the same way you are when it goes missing.  This is the weak point in our psyche that scammers can exploit to use our personal data for fraud or to bypass the security systems we have in place for our homes and/or businesses.

Scammers can take control of your phone through a number of methods:

Phone Number Theft.  Once scammers have some key information like your date of birth, mother’s maiden name or that of your first pet (the sort of information that is available from a public facebook profile where you’ve done one of those “generate your fairy name” games) they can call your phone provider and switch your number to a different sim card.  They can then access all sorts of services that rely on two-step verification via a texted code, because they’re the ones receiving the code.

Public Wi-Fi.  These unsecured networks are full of vulnerabilities that hackers can use to access your phone, data, or even saved password information, so never log in to sensitive accounts using unsecured public connections.  It’s inadvisable even to log into certain social media accounts or your emails in case hackers steal log in details for these, later using them to gain control of your identity for financial gain.

Juice Jacking.  This is where fraudsters set up a public phone charging point to take advantage of everyone’s need for 100% battery.  You plug your phone in via the USB port to charge it, and because that’s also the data port you have just allowed the fake charging point access to all your information.

Software Weaknesses.  Phone operating systems need to be regularly updated to patch potential weak points in the software that have been found and exploited by scammers.  Ensure you keep your phone up to date, but only download these software updates on a secure connection to avoid downloading malware or making your phone vulnerable to attack.

Scammers are constantly finding new ways to get into people’s phones all the time, so this is just the tip of the iceberg.  It pays to be aware of the risks of certain uses of your phone, especially if you have access to your home or business CCTV.  Would you want criminals looking at your family in or outside the home?  Would you want a burglar to be able to access your business CCTV and wipe footage of their crime?  Would you want your alarm system to be disabled because crooks had cloned your phone with all your security access on it?

We’re often aware of the risks posed by having bank cards and apps stored on our phones, but not so wary of the ability of criminals to get into our security products and even our smart devices – imagine being sat at home when all the lights start going on and off, and the heating starts up full blast, all because some nefarious being has hacked into your phone and got control of your smart home automation settings.

Our phones are powerful tools and this has certainly made life a lot more convenient in many ways.  With that in mind, be alert to phone based scams and the potential for criminals to access your phone, and what they can do with it.