How to Safeguard Your Mobile Device from Malware
Protecting your computer from viruses and malware is second nature for most people, but many users don’t apply the same level of diligence to their smartphones. With the growing trend away from computers and towards smartphones, it is more important than ever to protect yourself from malware.
“Mobile malware has been on the rise drastically in last couple of years,” says Nathan Collier, Senior Malware Intelligence Analyst at Malwarebytes. “Everything from backdoor malware that steals personal information to ransomware that locks your phone until payment is made exists in the mobile space. With millions of malware samples in the wild, there is no reason not to be concerned.”
In addition to an increased volume of people turning to their phones as the primary means for going online, there’s also an increase in using mobile devices for storing and transmitting sensitive data. The 2017 Pew Research Center Report also shows a full 85 percent of smartphone users doing their online banking on their phones.
But online banking is just the tip of the iceberg. GPS programs can find your location. Mobile apps often require that you allow them to access data stored in your phone or on the cloud. You can receive digital boarding passes via text message or verification codes for logging into sites, social media apps publish photos and personal data, fitness and health apps track steps, heartrate, and food intake—a cybercriminal can learn all there is to know about their targets by breaching their cell phone.
Your phone may contain and transmit a larger volume of and more sensitive info than your computers—but it’s not always as protected.
Security issues with phones
A number of factors contribute to weak mobile phone security, but one of the top concerns is that phones are much easier to be misplaced, lost, and stolen. Mobile phones go with you everywhere, which means there’s more potential for leaving them behind. Once a criminal has physical control over your phone, it’s often not too difficult to gain control of its data.
A second huge concern for mobile phone security is the validity of third-party apps. They aren’t vetted by the major app stores iTunes and Google Play, therefore they needn’t pass a minimum standard for safety. Apple iPhone has strict laws about apps: They can only be downloaded from iTunes, therefore they’re more secure. The downside is that users are restricted from going outside the iTunes ecosystem, which is why people sometimes jailbreak their phones. This is a dangerous measure, as it negates all security, not only for apps, but also for operating systems.
Google’s Android, however, allows for third-party apps to be downloaded. “Android is highly customizable and open to innovation by its users,” says Collier. “Also, although Google highly recommends you only install from the Google Play store, they allow you to take the risk into your own hands if you really want to install elsewhere.”
Another security risk with mobile phones is that users don’t update their OSes as often as computers. Updating phone software requires ample memory and battery power, and users are often running low on both. Every time a software update is delayed on a mobile phone, a cybercriminal has an opportunity to exploit security vulnerabilities in the operating system.
Of course, mobile phones are also vulnerable to the same pitfalls that befall desktops and laptops—mainly, users who don’t practice safe surfing. Social engineering in the form of social media scams and phishing can especially ensnare mobile users who regularly check their email, Facebook, Twitter, and other social networking sites. Phishing in the form of text messaging, or smishing, has also become a popular attack vector, particularly for criminals looking to cash in on the popularity of mobile banking.
Finally, all of these risks are compounded by the fact that technical security measures are not commonplace in phones. While computers are often equipped with firewalls, antivirus, and/or anti-malware software, mobile devices typically have only their operating systems and the security of their apps to protect them.
Set a Password
The main purpose of malware is to disrupt operations or gather private/sensitive information so one step that can be taken to protect your phone from outside sources is to set a password to lock your screen. It may not be malware protection exactly, but it is spyware protection and a great way to defend against intrusions. Passwords may seem like a hassle when you use at the device several times an hour to check messages, use apps, or play games, but it is really the best way to prevent anyone else from accessing your personal information without your permission.
Install Malware Protection
Just as you can download virus protection for your computer, so too can you use this type of software to protect your phone. With the movement away from computers and towards smartphones for internet use, we will begin to see a growth in cellular malware, so having a protection program for your smartphone will become increasingly important. The most popular program is Lookout Mobile Security for Android phones. This program will fill in the gaps and give you complete and comprehensive protection from malware attacks.
Update Your Operating System
Be sure to continually update your operating system as soon as a new version becomes available, as running an outdated OS is a great invitation for malware to penetrate your defenses. System developers work hard to stay ahead of malware and give you ample protection, but you can’t take advantage of this protection if you don’t take the time to update your software as often as possible. Not only does this protect you against malware, but it also keeps your smartphone running in the best state. Just as you wouldn’t drive your car around with outdated tires and brakes, you shouldn’t use your smartphone with outdated operating software.
Back up phone data.
Consider connecting your device to its associated cloud service in order to automatically back up data (and encrypt it). However, if you don’t trust the cloud, be sure you connect to a PC or Mac to sync data regularly in order to preserve photos, videos, apps, and other files.
Avoid third-party apps.
If you’re on an iPhone, you don’t have much of a choice. However, for Android users, staying on Google Play and not allowing apps from unknown sources keeps you relatively safe. If you do decide to use third-party apps, research to be sure you’re not getting a malicious one. Read reviews, and if the app asks for access to too much personal data up front, don’t download it.
Be wary of social engineering scams.
Cybercriminals love to spoof banking apps, send phony texts meant to collect personal data, and email malicious links and attachments. Just as you do on your computer, view any communications from unknown sources with a careful eye. If it seems fishy, it very likely is.
Use public wifi carefully.
Yes, you don’t want to use up all your data. However, public wifi is inherently insecure, so try not to make transactions or transmit sensitive data while using it. Consider using a VPN service to encrypt data transmitted online.