The Importance of Protecting Smartphones from Fraud
May 08, 2017
In mid-2016, the CBS news show 60 Minutes created a minor scare with its segment on mobile phone hacking. The segment was criticized for focusing on fear-mongering rather than on substance, but it did bring a critical issue to the forefront of cybersecurity consciousness. Specifically, individuals and businesses might go to great lengths to secure their computers and network systems, but they do little to lock down the security gaps in their smartphones and other mobile devices.
A recent research report suggests that more than one-fourth of all smartphone users do not use their device’s screen locks or security features. Further, mobile device owners often neglect to install updates and patches that might cover known security flaws in operating systems and apps. Mobile device users might perceive screen locks and updates as annoying interferences with the smartphones that they use to manage so many aspects of their daily lives.
The type of smartphone hacking that was discussed in the 60 Minutes segment may be currently limited to high-level operatives, but the hacking community is growing in sophistication and it may be only a short time before smartphone hacking leads to widespread identity fraud and broad network shutdowns. Before that point is reached, both businesses and smartphone users should consider developing regular protocols to close off security gaps in mobile devices.
Mobile fraud experts generally recommend that mobile device users adhere to six steps to protect their smartphones:
- Install all iOS updates as they are released. Smartphone operating system updates often include security patches and fixes for issues that hackers have learned to exploit. Moreover, at some point, smartphone manufacturers will stop supporting older versions of a mobile device iOS. Updating the operating system provides assurances that the device has the most up-to-date security features and that it will continue to be supported if another security breach is discovered.
- Use a virtual private network (“VPN”). A VPN will create a private, encrypted connection between a smartphone and a network. Opportunistic hackers are less likely to focus on connections that are channeled through VPN’s, but will instead default to less secure smartphone connections.
- Use strong passwords. Strong passwords and two-layer authentication are among the most basic cybersecurity strategies that all individuals and businesses should adopt. Mobile device users that are unable to remember strong passwords can use a password manager for that purpose.
- Be careful with app installations. Most businesses limit or preclude their employees from installing unauthorized apps on company-owned mobile devices. Individuals should also be careful with installing apps on smartphones that might track their locations or allow access to mailing lists and personal information that is stored on a mobile device.
- Beware of public Wi-Fi. Free public Wi-Fi is a boon to hackers, who are able to steal personal information from mobile devices with “man-in-the-middle” attacks and other techniques that sniff out data sent over free public networks. The convenience of free Wi-Fi is always overshadowed by its security risks.
- Do not open unverified attachments. Authorities convicted a hacker in 2016 of a phishing scheme in which he was able to steal personal information from mobile device users who clicked on a link that he had sent to their smartphones. If the source of a link or attachment is not verified, it should be ignored and left unopened.
Even the strongest anti-fraud measures will have weak links. For those times when hackers are able to overcome network defenses and breach a company’s security measures, a strong cyber protection policy can provide insurance to help a company pay for direct losses and third-party liabilities that it might incur as a result of the breach. Cyber insurance companies can also help a covered party reduce its risks and strengthen its internal network security and mobile device procedures to minimize cybersecurity losses. The continued growth in smartphone usage will only increase fraud risks, and a protection insurance policy is the last line of defense against potentially catastrophic losses.
Article comments powered by