Your smartphone can be hit by various security threats, from phishing to malware to spyware. All it takes is one successful attack to take over your phone, compromise your data, and even steal your identity. How do you protect yourself? In a Mobile Device Best Practices report,[1] the National Security Agency (NSA) suggests tips designed to thwart hackers and attackers from assaulting your mobile device. One method is as simple as turning your phone off and on.
Spearphishing attacks can target your phone to install malware, while zero-click exploits can infect your device without any interaction on your part. The NSA's advice? Power your phone off and then back on at least once a week. This simple action can make it more difficult for hackers to steal information from your phone, though the agency cautions that this will not always prevent an attack.
In its report, the NSA cited several other threats that can impact your mobile device. Malicious apps can infect your phone. Malicious Wi-Fi networks can intercept and redirect traffic from your device. Spyware can monitor the audio and video conversations on your phone. Hackers with remote access to your device can collect calling or texting data. Someone with physical access to your phone, even briefly, would be able to install malware or spyware.[2]
There are several ways to protect yourself, the NSA suggests:
- Update your apps. Be sure to update your apps and operating system with the latest security patches.
- Use official app stores. Install apps only from official stores, such as Apple's App Store or the Google Play Store.
- Don't click. Avoid clicking on links or file attachments in emails and text messages, as those are common ways to trigger malware.
- Watch out for public Wi-Fi networks and avoid joining them when possible. In addition to the NSA's advice, I recommend using a VPN whenever you join a public network.
- Disable Bluetooth. Turn off Bluetooth when not using it to prevent an unauthorized device from connecting to your phone.
- Use a secure passcode. To lock and unlock your phone, create a strong passcode with at least six digits.
- Leverage biometrics. Enable your device's built-in facial or fingerprint scanning for greater security and convenience.
- Use trusted accessories. Use only original charging cords or charging accessories from a trusted manufacturer. Avoid public USB charging stations. Don’t buy junk.
- Turn off location services—Disable location services when not needed.
Beyond adopting the NSA's suggestions, you can also turn to a dedicated app to help with your mobile security. One app worth installing is iVerify, a security scanner that will scour your device for malware and ensure you use the basic security features on your iPhone or Android phone.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://s3.documentcloud.org/documents/21018353/nsa-mobile-device-best-practices.pdf
[2] https://www.zdnet.com/article/the-nsa-advises-you-to-turn-off-your-phone-once-a-week-heres-why
Comments