Phone Hack

How to Protect Your Smartphone from Hackers

Omer Aslim selfie
By: Omer Kaan Aslim
July 23, 2020
Continue reading to find out how to prevent hackers from taking over your phone.

The guidance I offer below is meant to prevent unauthorized persons from gaining access to your smartphone. This includes both hackers and other individuals such as family members or friends. This blog post does not intend to cover privacy issues related to smartphones.

Password/Pin Protect Your Phone

Research from Kaspersky Lab found that 52% of people do not password-protect their mobile devices. Setting up biometric recognition, a password, or pin code is the first step you need to take to protect your smartphone from unauthorized access. Imagine losing your smartphone and it isn’t protected by a pin code? Whoever picks it up has access to everything. Setting a pin code or password is the easiest step you can take to prevent unauthorized access to your smartphone. When you set a password or pin, use one that is difficult to guess. Don’t use your birthday, zip code, anniversary year, or similar when creating a pin code. Research from Kaspersky Lab found that 52% of people do not password-protect their mobile devices.

Encrypt Your Smartphone

If your smartphone supports encryption then you need to enable it. If your device is not encrypted and you lose your phone or if someone is in possession of it they can access your data.

Only Download Apps from Official App Stores

Hackers often try to get smartphone users to install apps on their smartphones the same way they try to trick people into installing malicious software onto their computers. If you only download apps from the official google play store or apple store you can by-and-large avoid installing malicious apps onto your phone. Google and Apple check the apps on their stores to ensure that they are not malicious. Sometimes malicious apps slip through the cracks but overall it is much safer than downloading apps from unofficial locations.

Uninstall Unused Apps

You want to apply the cybersecurity principle of “least functionality” to how you manage your phone. Review all the apps installed on your phone and uninstall the ones you don’t use. The more apps you have the larger your attack surface.

Limit the Permissions You Grant to Apps

This goes back to the principle of “least functionality”. If you download a chess game onto your phone and it wants access to your contacts, photo gallery, and location then you should deny access. Review the permissions of all the apps you currently have installed on your smartphone. Only provide the access necessary for you to get what you want out of the app.

Keep Your Phone Updated

When your smartphone wants to install a security related update you need to do so. These updates patch security vulnerabilities on your smartphone.

Keep Your Apps Updated

Just as your smartphone requires security updates so do the apps on your phone. Make sure to install security related app updates. These patch vulnerabilities that hackers can exploit.

Setup Smartphone Tracking & Remote Wipe (Anti Theft)

In the event your phone is lost or stolen you are going to want to find out where it is. To do this you can use the “Find My iPhone” feature if you have an iPhone. If you have a Samsung you can use “Find My Mobile”. If your phone doesn’t have these features then there are third party apps such as McAfee Mobile Security that have the above mentioned features.

Be Aware of Social Engineering

Phishing and other social engineering attacks do not only occur over email. Hackers often send you or your friends messages over messaging apps hoping that you open the link they sent. To keep it simple don’t open any links sent to you by an unknown person. Your friends may also inadvertently send you a malicious link. If you are unsure of a link copy-paste it into virustotal.com for a scan to determine if it is malicious.

Avoid Malicious Websites or Sites with Malicious Ads

Sites that offer free movies, pornography, and gambling often offer malware as well. Even if the site itself doesn’t, it can redirect you to a malicious site. Avoiding these types of websites is a sound strategy.
 

Discover Our NIST SP 800-171 Solutions:

 /assets/images/compliance_accelerator_white.png

Compliance Accelerator

For contractors seeking compliance
 /assets/images/quantum_assessor_white.png

Quantum Assessor

For IT service providers
 /assets/images/supply_chain_logo_white.png

Supply Chain Verifier

For contractors seeking to verify partner compliance