How to be safe with your smartphone

Security issues, vulnerabilities, and scams, sheesh, owning a smartphone seems harder than it should be, so if you’re at all concerned about how you can be safe with a smartphone, here are some tips.

The WiFi you trust

Few genuinely like to pay for mobile internet access, especially since it’s one of the chief things that can lead to mobile bill shock, so when we see “Free WiFi” at a coffee shop, restaurant, the airport, and any other place, we generally jump on it.

I mean, it’s free. Who wouldn’t want something for free?

Remember in life that there is always a catch, and most of us are on high alert for something of this sort. Unfortunately, when a mobile phone accesses free WiFi, the catch isn’t that you’re going to be advertised to — you can more or less expect that — but rather that the wireless network could have some rather nasty individuals on it who might want to take advantage of unsuspecting individuals.

That’s one of the problems with the Samsung keyboard bug that popped up recently. While Samsung was technically at fault for making the keyboard as God-like application that could run its updates in such a privileged way, the only way a hacker could exploit the vulnerability was by planting a virus-like piece of software over WiFi.

Chances are your friends and family won’t be doing that to you at your home, so your WiFi there is safe, but what about the wireless networks where you don’t know everyone connecting? What about the free WiFi in the coffee shop, the supermarket, or the airport? Lots of people connect to these, and what if someone there wants to leave something dodgy on your phone there?

In that situation, you might be in for a bit of strife, and the easier solution is to just stay on your mobile connection for places you can’t be certain to trust. That means your home is fine, and a small workplace might be, but if you don’t know or trust at least a quarter of the people connecting to a WiFi network, especially one being advertised with the terms “free WiFi” or “free internet”, don’t connect up your phone to it.

It’s just safer this way.

wifi-park

Alert! Alert!

WiFi isn’t the only way scammers can get on your phone, and malware exists as apps, available through both app stores and websites.

For the most part, Apple doesn’t tend to let security-scaring apps through its rigorous app-screening process, and Google is getting better at scanning for security problems, too, but there are other ways to trick you into installing things, to trick you into handing over information, and most of these come from websites.

You’ve probably seen “your phone has a virus” on at least one website, a fake message designed to make you think that’s actually happening. These are just ads, just cons many in the industry refer to as “scareware” designed to make you think it’s real so you install something or pay someone some money, because that’s the real intent here.

For many, if you throw up a convincing alert or error message designed to look like your smartphone, people seem to be more open to clicking on it, and this old technique has been circulating since the internet practically started for regular people, and since scammers started working out many of us could be easily tricked into thinking that a web browser was actually our computer.

There’s only one instance right now where a web browser is actually a computer, and that’s on Chrome, so if you own a Chrome browser, you’re using a web browser that is an operating system.

For everyone else, however, for anyone with an Android phone, an iPhone or iPad, a Windows Phone, a Blackberry, or any other smartphone we’ve missed, if you’re in a web browser — Safari, Chrome, Firefox, Opera, Internet Explorer, or the standard “internet” or “browser” your phone comes with — this is not going to produce error messages made to look like your OS. In fact, a browser will usually just crash and then restart. It’s just something mobile devices do.

Rather, these fake error messages are basically a form of misdirection, aimed at tricking you into thinking you need to enter information at a scamming website, or worse, installing an app that could actually open up your life to someone a little nefarious, or even a lot.

Internet usage is pretty much the most obvious backdoor scammers have into your mobile life, so if it looks a little dodgy, don’t click. Close the tab and get out of there while you can.

Security is key

When you start seeing security issues like the ones above, you know it’s time to invest in mobile security.

Yes, mobile security is now a thing, and just like how you owe it to yourself and your data to have internet security on your computer, you may also want to consider having it for your mobile device, too.

Apple iPhones are pretty much on the safe side, and right now the internet security apps for the iPhone are more or less designed to either let you look at safe cloud storage solutions or provide a safe web browser that can warn you of dangerous websites and website ads like the ones above.

But Android devices might want to consider one of the many solutions available for their product, several of which are free for the basics, which is a good place to start.

Trend's Mobile Security on an Android phone.
Trend’s Mobile Security on an Android phone.

Basic security for Android generally does useful things like scan apps before they install, scan files that are being downloaded, check on your settings as well as app settings to see if they’ll be harmful for you long term, and even locate your phone via GPS if it ever goes missing with remote phone wiping (deletion) technology provided.

Generally, that’s the feature set without paying, with a cost bringing in more things if your phone gets stolen or for stopping dodgy calls, though each security app maker does include different functionality, so check with each before installing or purchasing.

Some phones now come with security pre-installed, such as AVG being preinstalled on smartphones from Sony and ZTE, while Samsung packs its own app and file scanner “Knox” into its Galaxy S6 and S6 Edge handsets.

That’s useful for those phones, but we’d suggest checking some of the apps below to see whether they’re ideal if you have an Android phone, because with quite a few flawed apps available on Android and a constant risk of vulnerabilities — truthfully, no operating system is safe, but Apple appears to be better at blocking dodgy apps and issues — installing mobile phone security is an easy way to at least safeguard your phone.

You’ve probably noticed that all of these more or less have the same name and most appear to do the same things, so picking which one generally comes down brand trust. Keep in mind, though, that if you have a subscription to an internet security solution, it may actually come with the paid version of the app free, so check your account for your Windows or Mac OS counterpart and see if a mobile app is included. If so, go with that one.

Windows Phone users might also wonder why they’ve been left out of this section, and right now that comes down to the fact that there are few apps made to infiltrate the Windows Phone operating system. This might change when Windows 10 kicks in, especially since Windows 10 for phones is basically a smaller version of the Windows 10 for other computers and shares similar code, but right now, being a Windows Phone user is a fairly safe situation, similar to being an iOS user.

nokia-lumia-435-04
Windows Phone owners don’t have much in the way of security to worry about at the moment, but that could change from July 29 when Windows 10 starts rolling out.

Be smart about security

There’s security applications, and then there’s good security, and this comes from practices you — the user — employ when you’re using your smartphone.

One of these practices is to have a form of security on your phone to unlock the handset.

This might be a number code, a line-based picture you need to draw on screen, a specific group of knocks, or something a little more biometric with fingerprints being employed, but something will go a long way compared to having the phone just swipe to open up and provide your files and information to the world if your phone were to get misplaced or stolen.

Worse, having passwords and/or confidential information available in a text file on your phone is a bad idea, and is a little like carrying around your passwords sticky taped to the back of your device.

It’s unsafe, and you just shouldn’t do it because if you don’t have any security on your device, or you do and it’s easily bypassed, these flat files could be found by anyone, especially if you call them something simple like “passwords”. That’s just opening a world of danger.

Ultimately, being smart about your security is the best thing you can do, so it might be worth considering something like a password storage app that offers encryption. A search on the app store found on your device should yield some results quickly, and this combined with good password creation practices can help to make your access to services something that only you know about instead of something the entire world is aware of.

password-security

Finally, being smart about security comes from making smart decisions about what you click and the sorts of messages you receive on your device.

Already, we’re seeing some sneaky ways pushed out by scammers to get your details, and this isn’t going to stop any time soon.

Your information — essentially your identification — is worth a lot to cybercriminals, so doing what you can to protect it has to be of paramount importance.

If you get messages from people you don’t know asking you to reset information, or telling you that security has been compromised, head to the website yourself, not from a link, but from typing it in yourself and see if it is true. If it’s a lie, delete the message and move on. Scammers will be taking this method pretty seriously, hoping that we’ll pay attention to messages from unknown numbers as if they’ve been sent from the company.

Don’t play that game, and show them that you know better.

9899_password

…and if you’re still worried!

If you’re still worried about the whole smartphone thing, about all the flaws, security issues, problems with the operating system, and fear that you just won’t be smart enough to dodge something terrible, there’s always the James Cameron option.

The “James Cameron” option is to quit the whole smartphone game and go back to something a little less smart, what many now refer to as a dumb-phone.

Speaking with USA Today in 2014, the director of blockbusters “Terminator 2”, “Titanic”, and “Avatar” told the publication that “every place you go with that thing they know exactly where you are”, telling the journalist that he was the proud owner of an old flip-phone.

4006_Nokia_6600-and-3600
Relics… and yet they’ll still probably work.

This style of device predates what we now call a “smartphone”, which is to say it lacks an operating system that can connect to the modern internet. It can still make and take phone calls, receive short messages, and likely even play the odd game or two (Snake anyone?), but it can’t be broken into by a hacker looking to plant a fake application that is actually a form of malware. In fact, these can’t even do much with the internet, used specifically for mobile communication, not internet-based communication.

If that’s all you want, the dumb-phone can offer that, but be aware that few of these are being made anymore, as most manufacturers move completely to smartphones, or devices with large touchscreens, cameras, and mobile modems built to turn the phone into something more like a small computer you can fit in your pocket or bag.

If anything, you’ll find more of these on auction or classified websites like eBay and Gumtree, and we can only imagine that these will probably end up in a retro revolution at one point, until telcos phase out support for this old hardware, forcing everyone else to a smartphone.

And that will happen at one point, but you’ve probably still got some time before it does, so if you’re worried, this last option will work for some time.

doro-623-optus-2014-07-06
Doro is one of the last makers of the dumb-phone, building button-based phones with louder speakers and emergency call-out systems for seniors and children in need of smartphones.