Recently, I posted on my threads asking whether people actually use antivirus software on their mobile devices. I noticed that almost everyone never uses one, which makes sense since modern mobile platforms (iOS and Android) do a good job of keeping these devices safe from malware. However, cyberattacks extend beyond just malware, which is why it is important for users to pay attention to other forms of attacks.
In 2022, close to 10% of all cyberattacks were executed via mobile devices, with over 2.2 million attacks occurring in December alone. Smishing (SMS phishing) and vishing (voice phishing) are some of the common ways attackers use to trick users into sharing sensitive information that they can later exploit to execute more paralyzing attacks. Today, I will discuss some expertly proven ways to keep your mobile device secure and the kind of attacks each strategy protects you against.
4 Signs Your Smartphone Might Be at Risk
Before we jump into the different strategies you can use to ensure your phone is always secure, let’s cover some of the common signs that your device could be under attack.
1. Unexpected Battery Drain and Overheating Without Heavy Use
If your phone’s battery drains quickly or the device overheats without running resource-intensive apps (like games or video editing), it could indicate malware operating in the background. These malicious programs may perform activities such as sending data to a remote server, mining cryptocurrency, or constantly tracking your location. Such unauthorized usage can strain your phone’s CPU, GPU, and battery, leading to overheating and faster depletion.
2. Location, Sound, or Camera Icon in the Status Menu
Both iOS and Android show a small icon in the status bar when your location, microphone, or camera is being used. For example, a green dot on iPhones or icons in the Android notification bar. If these icons appear when you’re not using any app that requires them, it could mean spyware or malicious apps are secretly accessing these features to track your movements, record conversations, or capture photos and videos.
3. Strange Pop-Ups or Ads
If you’re seeing frequent pop-ups, especially on your home screen or while using unrelated apps, it could mean your phone is infected with adware. Adware is designed to bombard you with ads, often redirecting you to phishing or malicious websites. These pop-ups might look like system notifications, tricking you into clicking on them. This can also indicate deeper malware infections attempting to steal your data or money.
4. Unfamiliar Apps Installed Without Your Knowledge
Finding apps you didn’t install on your phone’s home screen or app library can be a sign of malware or unauthorized access. Some malicious apps install additional software without your permission to create a backdoor, steal data, or spy on you. These unfamiliar apps can also disguise themselves as legitimate system tools, making them harder to detect. Sometimes, they’re programmed to hide their icons to avoid suspicion.
12 Steps to Protect Your Smartphone
These are the tried and tested steps you should follow to protect your phone from common attacks:
1. Keep Your Software Updated
Keeping your phone’s operating system and apps updated is critical for security. Updates often include patches for known vulnerabilities that hackers might exploit. Despite being a simple step, many users delay updates, making it an underrated but powerful security practice. This is why Apple and Google release crucial security updates for even older devices that no longer support their latest operating systems.
2. Enable Two-Factor Authentication (2FA)
2FA adds an additional layer of protection to your device accounts. Even if someone guesses or steals your password, they won’t be able to access your account without the second verification step (like a code sent to your phone). Use 2FA on essential accounts like Google, Apple, or any apps tied to your phone.
3. Download Apps Only from Trusted Sources
Only install apps from official stores like Google Play or the Apple App Store. Third-party app stores often host malware-laden apps disguised as legitimate ones. This can usually be due to the fact that don’t have the capacity to fully verify that every app they host is malware-free. Such apps can steal your data, spy on you, or damage your phone.
4. Avoid Public Wi-Fi or Use a VPN
Public Wi-Fi is a convenient solution to access the internet, but is risky because hackers can intercept the data you send over these networks if they’re not fully secured. Avoid accessing sensitive accounts or making transactions on public Wi-Fi. If you must use it, ensure to use a VPN since it encrypts your data, making it difficult for hackers to see or steal your information.
5. Review App Permissions
When installing apps, always review the permissions they request. Many apps ask for unnecessary access to sensitive data like your location, photos, or microphone. Only grant permissions that are absolutely necessary. If in doubt, deny the request until the time comes when you need that app to access a particular feature or data on your phone.
6. Turn Off Bluetooth and NFC When Not in Use
Hackers can exploit Bluetooth and NFC connections to gain unauthorized access to your device. Turn them off when you’re not using them to reduce the risk of attacks like Bluetooth hacking or NFC skimming. You should also avoid connecting to devices that you don’t trust via Bluetooth, as some of these could use it as a way to access data on your phone.
7. Use Strong locks and Passwords
Ensure to set up a strong PIN, pattern, or password to lock your phone. Combine this with biometric options like fingerprint or face recognition for added security. Having a strong lock ensures that even if your device is lost or stolen, it’s harder for someone to access your data.
8. Enable Remote Tracking and Wipe Features
Features like “Find My Device” (Android) and “Find My iPhone” (iOS) allow you to track, lock, or erase your phone remotely if it’s lost or stolen. This ensures your data doesn’t fall into the wrong hands. Make sure they are enabled on your device.
9. Back Up Your Data Regularly
Regular backups allow you to restore your phone to a previous state in case of malware infections or device issues. Back up your data to a secure cloud service or external device (like your PC) to protect important files and settings.
10. Beware of Phishing Scams via SMS or Email
Phishing attacks often come in the form of fake messages or emails asking for personal information. These scams trick users into sharing passwords, credit card numbers, or other sensitive details. Be cautious and verify the source of every SMS and email you receive before clicking on their links or attachments. Check out my article about email security to learn more about how to protect yourself from phishing attacks.
11. Avoid Public USB Charging Stations (“Juice Jacking”)
Public charging stations can be rigged to steal data from your phone or install malware. Always use your own charger and a trusted power source. Alternatively, use a USB data blocker to prevent unauthorized data transfer when using public charging ports.
12. Don’t Jailbreak or Root Your Device
Jailbreaking (iPhone) or rooting (Android) removes some security protections built into your phone’s operating system. While it might allow customization or access to restricted apps, it makes your device highly vulnerable to malware and unauthorized access. Avoid doing this, especially if it’s your main device.
Key Takeaway
All the steps we mentioned covered in this article are pretty simple to follow and are free. However, if you ignore them, your device could become vulnerable to attacks, which might end up being very expensive to recover from. So, take some time to go through each step and apply them if they are relevant to you.