Improving the security of your smartphone is usually a task at the back of most people’s minds. This article explains why your phone is more at risk during the holidays and shares five tips for protecting your smartphone during this season.
“It’s the most wonderful time of the year” as that timeless Andy Williams classic goes. Thanksgiving and Christmas are here and so is the annual frenzy to shop, travel and clear our inboxes in time for the holidays.
However, the holiday season is also one of the most notable periods of the year for online attacks and cybercrime. With ‘Black Friday’ (the day after Thanksgiving in the USA), ‘Cyber Monday’ and other high points in the retail calendar creating a lot of digital noise during the holidays, more of us are likely to fall victim to cybercrime during this time.
Your smartphone is high risk
The year 2018 recorded a whopping $7.9 billion spent online by US shoppers on Cyber Monday (an increase of 19.3 per cent) from the previous year, according to data from Adobe Analytics. With Black Friday and Cyber Monday trends spreading, online retail numbers are projected to increase worldwide in 2019 and beyond.
Not only are we shopping more online, equally significant is the fact that more of us are doing our holiday shopping on our smartphones.
According to mobile analytics firm AppAnnie, globally, November 2018 marked the biggest mobile shopping month of all time, calculated by the total time we spent using shopping apps. The same report predicts mobile will comprise nearly 75% of total e-commerce transactions by 2021.
In summary, we’re depending more on our phones for the convenience of shopping online. This makes our phones more attractive to thieves and online attackers during the holidays.
Protecting Your Smartphone During the Holidays
Disclaimer: This list is non-exhaustive. It is up to you to personally exercise diligence and care at all times.
#1. Keep your smartphone physically safe at all times
Stolen smartphones remain a lucrative black market for thieves.
Leave your phone unattended in a public place for a moment and the chances that you’ll lose it are very high – especially during the holidays when pickpockets tend to be more prolific. The inconvenience of potentially losing all your personal data and having to physically replace your phone is not worth one moment of carelessness.
A motivated attacker may want more than the chance to resell your physical device. They may want to catch you unaware and while your phone is unlocked, download malicious apps including spyware for monitoring your activity or to redirect you to infected/compromised websites where they can harvest your payment card and other personal details.
Be especially vigilant in public places during the holidays. Ensure your phone is kept out of sight and secure (except when you really need to use it). Enable location tracking or ‘Find My Phone’ features if your phone has them. See steps for Samsung, iPhone, and HTC.
#2. Time to review your smartphone PIN/Password
Any advice you’ve received about password security is unlikely to ever get old. Haven’t changed your smartphone unlock pin, passcode or password all year? We won’t judge. The holiday season is a good time to review your personal security and to change your phone unlock credentials to something stronger.
If your smartphone comes with biometrics e.g., fingerprint readers and iris scan features, you’ll be protecting your smartphone by enabling them.
#3. Switch off your Bluetooth/Wi-Fi/NFC when not in use
You’re walking along your city’s shopping street or malls minding your own business. However, did you know that it is possible for retailers to track you using your smartphone’s Bluetooth and Wi-Fi features? Your phone basically becomes another data point in their shopping trends reports.
We won’t go into the specifics of how this happens in this article. The point is that if you are not using your phone’s Bluetooth or Wi-Fi feature, switch them off.
Bluetooth hijacking (Bluejacking) allows unsolicited messages to be sent over Bluetooth connections to your phone. Bluesnarfing, on the other hand, is a more sinister attack which exploits vulnerabilities in your phone’s Bluetooth to steal personal data – including texts, emails and passwords.
Many new smartphones come with near field communication (NFC) features installed. This feature allows devices to exchange data with other NFC-enabled technologies when those devices are close together. This technology is leveraged for smartphone pay apps like Google Pay, Apple Pay and Samsung Pay. When not in use, disable NFC on your phone.
Many of the latest phones should be protected from common Bluetooth, Wi-Fi and NFC attacks. However, in addition to switching off when not using these features, don’t be too busy to install the latest security updates from your device manufacturer.
#4. Be careful where you plug-in for USB juice
It’s the holidays. You’re waiting for your train or flight home. You instinctively reach for your phone (as most of us do) to fiddle around and then you notice the dreaded “Low Battery” warning.
You break out in a cold sweat and your heart rate increases. You frantically look around for the nearest power socket or recharging point. You’ll do anything not to run out of juice! You find a charging point. Your AC adapter plug doesn’t fit the socket. However, there is a USB charging option. You pull out your phone USB cable, plug it in and heave a sigh of relief.
We’ve all been there!
But note that not all USB ‘juice’ (power) points are innocent. While most public charging points are designed to simply provide power, it isn’t entirely impossible that there is something sinister happening between your phone and the USB charging point.
‘Juice Jacking’ is a type of cyber-attack where your phone becomes a data source for whatever lies behind the USB charging point. While most of the major phone manufacturers have installed features to protect your device, you still need to be cautious.
Need a quick power boost? Use your phone’s AC adapter or get yourself one of those portable power banks.
#5. ‘Free Wi-Fi’ is not always free
Public Wi-Fi allows us to stay connected everywhere across our cities, in coffee shops, on the streets, on public transport and (increasingly) during flights.
During the holiday season, there is a higher chance that we are out and about, travelling, shopping or checking into hotels. Having a poor data connection is frustrating and turning to public Wi-Fi is usually the most convenient way to get online.
In a separate article, we will go into the specifics of why it is not always a good idea to simply connect to ‘free Wi-Fi’ wherever you find it. For now, we simply want to highlight the need to exercise caution when using public Wi-Fi.
Does the provider require you to provide personal data before accessing their Wi-Fi? How comfortable are you with that?
Do you trust that no one is ‘listening’ over the Wi-Fi network and harvesting your personal information?
Do yourself a favour and wait for a better data connection (if you’re on a phone data plan) or if you absolutely must access the internet using public Wi-Fi, invest in a Virtual Private Network (VPN) app that masks your phone’s IP address and uses encryption to keep your connection more secure.
Protect your smartphone this holiday!
Many banks and online retailers take extra precautions during the holidays to protect customers. This includes increased security and fraud monitoring, hiring of fraud specialists and deploying anti-phishing measures.
However, even their best efforts will count for nothing if you unintentionally let the bad guys in. Do your part by protecting your smartphone.