Mobile Security Guide: Everything You Need to Know
Ready to make the jump to a smartphone but worried about the risks? Here's how to keep your iPhone or Android phone secure.
Mobile security: Risks, challenges and concerns
As smartphones and tablets become increasingly central to modern life, the amount of personal information routinely stored on them has grown dramatically.
Unlike traditional computers, however, phones and tablets are easily stolen or misplaced. If that happens, your private data— passwords, credit card numbers and addresses — will be freely available to whoever picks up your device.
In this article, we'll discuss the various security threats your smartphone or tablet faces today, as well as the measures you can take to protect your privacy.
We'll also look at how Android and iOS stack up on security, weighing the benefits and downsides of each platform, as well as the best Android antivirus apps.
MORE: How to Keep Your Smartphone or Tablet Secure
Before discussing the ways in which you can lock down your Android or iOS device, it would be helpful to know what sort of security risks the modern smartphone faces.
ENISA, the European Union Agency for Network and Information Security, ranks some of the top security risks for smartphones and other mobile devices — and their threat levels — as follows:
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Data leakage resulting from device loss or theft (high risk)
Unfettered access to your smartphone can be a gold mine for anyone seeking access to your private information. If you lose your device due to forgetfulness or theft, and you haven't locked it down with a PIN or password, your phone's new owner will have access to data including:
· Your email, including any passwords or account information that you've saved
· Your social media accounts, such as Facebook, Google+ and Twitter
· Passwords saved in your browser
· Credit card information and passwords saved in apps like Amazon and Google Wallet
· Email addresses, phone numbers and physical addresses of your contacts
· Access to secured Wi-Fi networks that you've saved
· Photos and videos saved on the device
Unintentional disclosure of data (high risk)
Developers frequently introduce more features than the average user can keep track of. For instance, you may be unaware that your device is broadcasting your location each time you post a photo using a social media app.
Here are some ways that you might be unintentionally letting the world know where you are:
· If you've posted a photo with the location data turned on
· If someone tags you in a photo without your knowledge
· If you've "checked into" a specific restaurant or café using a location app
Attacks on used/abandoned devices (high risk)
If you haven't wiped an old or discarded mobile device properly, the next user can easily access an alarming amount of your personal data. According to ENISA, studies have found that improperly decommissioned mobile devices can yield information such as:
· Call history
· Contacts
· Emails
Phishing attacks (medium risk)
Phishing is an insidious form of data collection in which an attacker tries to dupe users into entering personal data, such as passwords and credit card information, by sending them fake messages that appear genuine.
Phishing can appear in a variety of guises:
· Fake apps designed to mimic legitimate applications such as "Angry Birds"
· Email messages that appear to come from legitimate sources such as banks and other financial institutions
· SMS messages that appear to come from legitimate sources such as your wireless provider
Spyware attacks (medium risk)
If your mobile device becomes infected with spyware— either from a rogue app or a malicious website — the malignant code can send your personal data to a remote server without your knowledge.
Information logged by spyware can include:
· All of the keystrokes made since the spyware was installed
· Names, phone numbers and email addresses of your contacts
· Credit card information entered in the browser
Network spoofing attacks (medium risk)
Hackers occasionally prey on users who have connected to bogus or unsecured Wi-Fi networks. Unless you studiously enter personal information only on websites that use SSL encryption, your data could be at risk of being stolen.
Here are some examples of information you could accidentally disclose:
· Passwords to unencrypted websites
· Credit card information sent via an unencrypted website
Follow David Eitelbach on Google+.
Current page: Mobile Security Guide - Everything You Need to Know - Tom's Guide
Next Page Smartphone Security - General Safeguards and Tips - Tom's GuideTom's Guide upgrades your life by helping you decide what products to buy, finding the best deals and showing you how to get the most out of them and solving problems as they arise. Tom's Guide is here to help you accomplish your goals, find great products without the hassle, get the best deals, discover things others don’t want you to know and save time when problems arise. Visit the About Tom's Guide page for more information and to find out how we test products.