Smartphones. Aren’t they great?
You can be in the office from anywhere, accessing your calls, emails, group chats and company files on the move.
But how often do you stop and think about how secure your mobile is?
Do you ever worry about your phone being hacked?
Sure, we’re all use to hearing about computers being hacked. Whilst it’s admittedly more of a challenge to hack a mobile phone, it’s still very much a possibility.
With more and more of our business communication moving to our mobile devices, it’s something every organisation should be proactively defending against.
With that said, what are the most common ways mobile phones can be hacked?
Here are 5 common methods of phone hacking that you should be aware of:
1. Tracking & Spy Apps
There’s nothing black-market or hidden about these apps. A quick search online and you’ll uncover a range of different tracking apps.
The apps allow a third-party to read and explore someone’s browser history, view emails and messages (even encrypted messaging services like WhatsApp). Some apps even have the ability to record phone calls.
Generally, they are marketed towards parents and the ability for them to track their children’s online behaviour. But, let’s be honest, it’s not hard for them to be used for malevolent purposes.
So, how do they work?
All it takes is for an unprotected phone to be left alone for a few moments. The tracking app is downloaded and installed in the background of the phone.
And… that’s about it. Your data can be accessed by the person who installed the app on any computer.
How can you protect yourself against this?
Ensuring you always keep your phone locked with a strong password and/or PIN number is one way to prevent anyone from getting into your phone to install such an app.
Of course, this does mean you need to keep your password/PIN safe and not reveal it to anyone.
2. Unsecure Wi-Fi Networks
With our data-eating obsession, we always want to be connected to the internet. Isn’t it great that places like cafes, bars and shops now offer us free Wi-Fi connections?
Whilst the communication over the internet might be secure, there’s a weak link.
Whoever operates a network, whether that’s your mobile operator or Wi-Fi hotspot host, they are able to see the unencrypted traffic going through it.
It doesn’t take much for a criminal to set up “honeypot hotspots” using Wi-Fi. Free hotspot zones near popular areas like cafes or hotels. From here an attacker can access all the unencrypted (i.e. as plain text) communication you make. This includes data from any services that require a login protocol.
How can you protect yourself?
The ideal would be to avoid using free Wi-Fi connects and to ensure all the communication you make is encrypted.
There’s mobile phone technology coming onto the market now that identifies possible unsecured Wi-Fi networks and encrypts your data for you.
3. Compromised iCloud or Google Account
One of the great things about smartphones is that with one account, one password, everything is kept together. Our emails, our photos, our contacts, our messages. Even access to our social media accounts. All obtainable from one account and one password.
One of the dangerous things about smartphones is that with one account, one password, everything is kept together.
Having your iCloud or Google Account compromised can be a massive breach in your security. Imagine how much potential access someone can have if those were compromised?
For instance, can you access your emails on your phone without entering a password?
Is that your main email account? Maybe the one you used to sign up with your Facebook account? Your bank account?
When you realise how much an attacker could access your iCloud or Google Account, you realise how vulnerable you can become.
How can you protect yourself?
Ideally, you’ll want a strong password for the iCloud or Google Account at the very least.
In addition, it would be wise to have key email addresses password protected with a different password and two factor authentication.
4. Out of date software
This one’s incredibly simple.
Having out of date software on your phone (read: ignoring those update notifications) is an open door for attackers.
Despite the goodwill of smartphone manufacturers and software developers, vulnerabilities exist in your smartphone. Vulnerabilities that people want to take advantage of.
On average there is one vulnerability being publicly disclosed on a daily basis.
Software updates aim to close these software weaknesses and protect your security. Not updating means that your software still has those vulnerabilities. Vulnerabilities that can be exploited.
How can you protect yourself?
Simple. Update your phone software and stop ignoring those notifications.
5. Phone Cloning
Although less common with the growth of the digital network, phone cloning is an old method of hacking.
So, what is it?
Phone cloning is the technique of transferring secure data from one phone to another. As a result, the second phone becomes an exact replica of the original.
Both phones can make and receive calls. Both can read and send text messages. Both can use any data allowances.
However, only the legal owner of the number is billed. This is because the service provider does not have a way to tell the difference between cloned and real phone usage.
How can you protect yourself?
The best way to identify if you are a victim of clone hacking by an increase in uncommon occurrences.
- Getting frequent wrong number calls to your phone
- Difficulty placing outgoing calls
- Unusual calls appearing on your phone bills.
Additionally, you may be able to track whether your phone has been cloned using features such as Google Find My Phone or on iCloud. Using these tools, you will be able to see where you expect your phone to be.
As with any online behaviour, the best solution to protecting your mobile phone is having a strong password. And, most importantly, never share that password.
