Make Your Mobile a Tough Target for Thieves

You should definitely pay attention to your mobile phone security. Most of us don’t, which makes it easy for hackers and ID thieves to target us. Here are some tips to protect yourself from becoming a target for thieves.

 

Use a Passcode

One of the easiest ways to ensure that you are not a target for thieves is to use a passcode. All mobile phones have a built-in passcode option, and if you have an iPhone you can even set a passcode if it has been stolen by using the Find My iPhone feature.

Use Face ID or Touch ID

To make your iPhone even safer, you can use Face ID if you have the iPhone X or Touch ID on other iPhone versions. This is much stronger than using a passcode.

Set up Find My iPhone

If your iPhone gets stolen or you lose it, you can use the Find My iPhone app. This is a free app that is built into the iCloud. It uses GPS to show where your iPhone is at any time, as long as GPS is enabled. For Androids set up Find My Device to accomplish similar tasks.

Look at Your Privacy Settings

You should also take a look at your privacy settings. Your data is extremely important and there are threats all of the time. Fortunately, you can set your privacy settings to make it tough for people to get into it. Depending on your phone OS, seek out built in privacy, location, encryption and VPN settings.

Should You Get Antivirus Software for Your iPhone?

You might think that you can make your phone safer by adding antivirus software. Yes, it’s very important to have anti-virus software for your computer, but you don’t need it on your iPhone, but definitely do need it for your Android. Do a search on Google Play, there are plenty.

Stop Jailbreaking (iPhone) or “Rooting” (Android) Your Device

Another way to keep your phone safe is to stop jailbreaking. A lot of people like jailbreaking because it gives more freedom to customize your phone how you want. You can also download apps that Apple has not approved of. However, jailbreaking your phone can cause it to become more open to hackers, too, which could really be devastating.

Encrypt All Backups

When you sync your iPhone to your computer, it holds data for your as a backup. This way, if you ever need it, you can get it easily. However, this also means that this data could be open to hackers if your computer ever gets hacked. So, it’s always best to make sure that you encrypt all backups. You can do this in iTunes with only a few additional steps.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Monitor a Cell Phone

Do you fancy yourself a spy and wondering how you can monitor someone else’s cell phone? You won’t get that information here, but there is some good info on cell phone monitoring if you keep reading:

The Legalities of Tracking Cell Phones

Generally, it is not legal to monitor a cell phone that does not belong to you. However, generally speaking, and THIS IS NOT LEGAL ADVICE, if the account is under your name or if you have written permission from the person who owns the phone, you can track it.

Why Monitor a Cell Phone?

There are some situations where it is perfectly legal, and even useful, to monitor a cell phone. One good reason is to monitor your family. This is especially the case if you have a tween or teenager who has some freedom.

Another reason you might consider monitoring a cell phone is if you have an elderly family member, like a parent, who uses a cell phone. If your loved one has dementia, you certainly should track their phone.

Businesses also often track company issued cell phones. The main reasons to do this is to locate a device if it is ever lost or stolen and to monitor employee communications.

The Main Ways to Track a Cell Phone

There are three different ways that people track cell phones:

  • Through the Cell Phone Carrier – Most major cell phone carriers offer a feature that allows a person to track a cell phone that is on their account. There is a fee for this service, it is totally legal, and it’s a great way to track family members.
  • Through a Smartphone or Computer– If you have a smart phone that runs iOS or Android, you can use features like Find My iPhone, or you can use apps like Find My Friends. Just keep in mind that the phones must have GPS enabled for these to work.
  • Though a Third-Party App – To trace a phone through an app, you usually have to have access to the phone you want to track AND own it and/or written permission from the phone’s owner. Typically, both devices must have the app loaded for these apps to work. Some of these apps are free for limited features. Others come with a one-time or monthly payment for the service.
  • Through an Infected email or Text Link – This is pretty much illegal and might get you stint in the klink. Pulling this off requires special malware or spyware which can be obtained on the dark web for a price. That will mean you’d got from being legal to the seedy world of Blackhats. And as they say, once you go black, you never go back. You would then officially be a criminal.

In most cases, it is not legal to trace or track a cell phone unless you have permission from the owner. However, each state has their own laws, so it’s very important that you understand the laws in the state you live. This way, you can avoid any repercussions.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Block Spammy Scammy Telemarketing Calls

Are you getting a lot of scammy, spammy telemarketing calls? If you are, you know how annoying they are. Fortunately, there are some apps out there that can help. Here are a few apps worth looking into:

CallApp

You can use CallApp to lookup numbers, and then decide if you want to answer it or not. It collects data from users, and then gives you this information when a call comes in. You can get CallApp Crawler for Android phones.

Call Control

This app offers reverse look up, call blocking, and it can even blacklist any unwanted texts, too. It is very easy to use, and it relies on the community to collect spam numbers and submit them to the company. You can get Call Control on iOS and Android phones.

Calls Blacklist

You can use Calls Blacklist to block calls, but there are also other features like scheduling ability or filtering by number prefix. This means you can block numbers that start with a certain combination of numbers, i.e. 803. This app is only available for those with Android phones.

Hiya

Hiya used to be just a reverse look up method, but now it also blocks calls and offers caller ID. This app has access to more than three billion records, but like TrueCaller, your number also goes onto that list. You can get Hiya for both iPhone and Android phones.

Norton Mobile Security

Norton Mobile Security is not necessarily a call blocking app. Instead, it’s a security app that has call blocking as one of its features. This app is perfect for anyone who wants a full security suite on their mobile phone. You can get this app for both iOS and Android.

Safest Call Blocker 

Though Safest Call Blocker is simple, it is quite effective at blocking any unwanted numbers coming from robots or telemarketers. Currently, this app is only available for those who use an Android phone.

Should I Answer?

This app blocks calls, looks up numbers, and then categorizes them for easy filtering. It tracks about 500,000 numbers and is available for both iPhone and Android.

TrueCaller

TrueCaller is a popular app, and it holds more than two billion phone numbers. This makes it great at identifying a spammy number. The one caveat of TrueCaller is that it adds your number to the list of numbers it tracks. You can get it for iPhone, Android, Windows Phone, and even BlackBerry.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of Rogue Cell Phone Charging Stations

Humans have evolved a new body part: the cell phone. One day it will be part of anatomical illustrations of the body in health and medical books probably an appendage on your head. I’m not a Dr. so don’t quote me.

For now, we have to figure out a way to keep this appendage juiced up without being lured into a data-sucking battery-charge station.

There’s even a name for this kind of crime: juice jacking. The kiosk is designed to appear like a legitimate battery charging station, when in fact, it will steal your phone’s data while it’s hooked up.

Worse yet, sometimes the thief will set the station to deposit malware into your phone. The crook will then have access to all the sensitive information and images that you have on the device.

These fraudulent stations are often set up at locations where users would be in a rush and won’t have time to check around for signs of suspicion or even think about the possibility of getting their personal life transferred out of their phone and into the hands of a stranger.

Are these thieves smart or what?

But you can be smarter.

Prevent Juice Jacking

  • Before leaving your house, make sure your phone is fully charged if possible.
  • Buy a second charger that stays with you or in your car at all times, and make a habit of keeping your phone charged while you drive.
  • Of course, there will be times when you’re out and about, and before you realize it, your device has gotten low on power. And it’s time to hunt for a public charging station.
  • Have a cord with you at all times. This will enable you to use a wall socket.
  • Turn off your phone to save batt. But for many people, this will not happen, so don’t just rely only on that tactic.
  • Plug your phone directly into a public socket whenever you can.
  • If you end up using the USB attachment at the station, make a point of viewing the power source. A hidden power source is suspicious.
  • If bringing a cord with you everywhere is too much of a hassle, did you know you can buy a power-only USB cord on which it’s impossible for any data to be transferred?
  • Another option is an external battery pack. This will supply an addition of power to your device.
  • External batteries, like the power-only USB cord, do not have data transfer ability, and thus can be used at any kiosk without the possibility of a data breach.
  • Search “optimize battery settings” iPhone or Android and get to work.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Mobile Phone Numbers Are as Sensitive as Your Social Security Number

All of us have cell phones these days, and if you are like the vast majority of the population, you access everything from social media to banking information right from your mobile phone. However, if you do this, which everyone does, you are putting yourself in the position to get hacked. With only your mobile phone number and a couple other pieces of information, a hacker can get into these accounts and your life could drastically change.

How does this work? If a hacker already has your mobile phone number, they can get other information, such as you address, birthday, or even the last four digits of your Social Security number, through social engineering schemes via email or on social. Once they have this information, it’s like handing your phone over to them and letting them do as they please, including accessing your accounts.

The scam may not even begin with you, it may begin with the mobile phone companies themselves. There have been many incidents where the carriers are scammed into handing over troves of personal identifying information to scammers posing as the victim. In many cases the phone companies are even allowing the scammers to get phones with the actual victims phone number by transferring everything to a new phone the perpetrator charges to the victims account.

Here are some things that you can do to keep your mobile phone number safe:

Use Your Passcode – You can and should put a passcode on your phone, you should definitely do it. This isn’t totally foolproof, but does give you an extra level of protection.

Add a Passcode – Your mobile carriers online account should have an additional second passcode to make any changes to your account. This additional passcodes works with both the web and calling customer service. Nothing happens unless this additional passcode is presented.

Disable Online Access to Any Mobile Phone Account – This is frustrating, of course, but it certainly can protect you. If you need to change your account, you should go to the store or call your provider.

Use Google Voice – Google Voice is an excellent choice for many, and you can even forward your current number to your Google Voice number. This helps to mask any call you make, which means no one can have access to your real number.

Access Your Cell Phone Account with a Carrier-Specific Email Address – Most of us use our email addresses and phone numbers to access our online accounts. However, you should really have three separate emails. One should be your primary email address, one should be only for sensitive accounts, like your bank or social media accounts, and one for your mobile phone carrier. This means, even if your main email is hacked, the hackers cannot get into your other accounts.

Talk to Your Carrier – Consider asking your carrier to make a note in your account to require a photo ID and special passcode before any changes are made. Though it’s possible that a hacker could pose as you with a fake ID, the chances are quite low that this would happen.

Use Complex Passwords – One of the best ways to protect online accounts is to use complex passwords. Or at least a different password for every account. You should also use a password manager. If you don’t, make sure your passwords are very random and very difficult to guess like “58&hg#Sr4.”

Do Not Be Truthful – You also might want to lie when answering your security questions. These are easy to guess or discover. For instance, it’s probably easy to find out your mother’s maiden name. So, make it up…just make sure you remember it!

Don’t Use Your Phone Number for Important Accounts – Also, make sure that you aren’t using your phone number for any important account. Instead, use that Google Voice number. 

Use a Password Generator – This is part of two factor authentication. Protect yourself by using a one time password generator, as part of a two-factor authentication process. It may be your mobile or they look like keyfobs and produce a new password very frequently. The only way to get the password is to access the generator or your mobile.

Use a Physical Security Key – You should also think about using a physical security key. To use one, you must enter your password into the computer, and then enter a device into the computer’s USB port. This proves that you are the account owner. So, even if a hacker gets your password, they must also have the physical security key to access the account.

Think About Biometrics – Finally, to really protect your accounts, when available, use biometrics. You can buy biometric scanners that read your fingerprints, your iris, or even recognize your voice. When you use these, you cannot access any account until you scan your finger, eye, or speak.

Yes, it’s true that some of these seem time consuming, it is much more time consuming to have to deal with getting hacked or a stolen identity. So, take these steps to remain as safe as possible.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Stop Your Cellphone from Getting Hacked

If you are like most of us, you probably have a password, antivirus program, and a firewall for your home computer to protect it from hackers. Are you doing the same thing for your phone?

From 2015 to 2016 malware infections on smartphones swelled by 96%, and about 71% of the smartphones out there do not have any software at all to protect them. What does that mean for you? It means the odds are against you when it comes to getting your phone hacked. Luckily, there are some things you can do to protect your mobile phone from hackers:

  • Update Your Operating System – Many people skip updates for some reason. Don’t put it off. Most of these updates contain security fixes that your old operating system didn’t have.
  • Put a Lock On It – If your phone doesn’t have a passcode on it, it’s like leaving the front door of your home open for burglars. Hackers will get in; it’s just a matter of time. If you can, use a biometric method, like a swipe or finger tap. In addition, set up a good passcode. Make sure it’s totally unique and nothing a hacker can guess, like your address or birthday.
  • Use Caution with Public Wi-Fi – Public Wi-Fi is great, in theory, but it can also be dangerous, as it is very easy for hackers to access your info. It’s usually pretty safe to use a public Wi-Fi connection for things like catching up on the news or watching a movie, but don’t put any personal information into your device such as your banking password or credit card number.
  • Check Up On Your Apps – Hackers often use phone apps to access data. So, to make sure you are really safe, make sure to delete any apps that you aren’t using regularly. An outdated app can be dangerous, too, so make sure to always update when one is available. Also, only download apps from reputable sources like Google Play and iTunes.
  • Use a VPN – Finally, use a VPN, or virtual private network. This will encrypt your information when you use it over a public network. They are free or cheap, usually $5 to $30, and that small investment is definitely worth it for your safety.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Your Hacked Mobile Phone Number is Like Your Social Security Number

If you have a cell phone, and you use it in any way associated with accessing online accounts (and many do), you are putting yourself at risk of getting hacked. With only a phone number and a bit of information, which is easy to get through social engineering, a hacker can break into your personal and financial accounts.

5WThis works by getting information about you, such as your birthday, address, or even the last four digits of your Social Security number…information that is readily available…and then creating a plausible story to gain access to your phone account, phone and various online accounts. Once they have access to your accounts, they can change the phone number, get a new sim card and then change account passwords, and you will be unable to access the affected accounts. Below, you will find some tips to help you protect your phone number:

Use a Passcode

If you have the option to put an additional passcode on your phone account, do it. Though this isn’t foolproof, it will certainly help to give you some added protection.

Disable Online Access to Cell Phone Accounts

I’m not doing this, but some should. This might be frustrating, but it will further protect you. If you need to make a change, you can call or go into the store.

Consider Using Google Voice

Google Voice is a safer option for many, and you can even forward your existing number to Google Voice. This helps to mask the calls you make, which means no one would have access to your real number.

Use a Carrier-Specific Email to Access Your Mobile Phone Account

If you are like most people, your email address and phone number help you to access most of your internet-based accounts. Ideally, instead, you should have a minimum of three email addresses: your primary address, one for your mobile phone carrier only, and one for sensitive accounts, such as your bank and social media. This way, if your primary email is compromised, a hacker cannot access your sensitive accounts.

Ask Your Carrier for Account Changes

Finally, you can ask your carrier to only allow account changes in person with a photo ID. Though there is still a chance that a hacker could pose as you with a fake ID, the chances are much lower.

There are also some steps that you can take to protect all of your online accounts:

Create Complex Passwords

One way to protect your online account is to create complex passwords. It’s best to use a password manager that creates random, long passwords. If you don’t use a password manager, create your own password of random numbers, cases, and special characters. These might include “4F@ze3&htP” or “19hpR$3@&.” Try to make up a rule to help you remember them.

Don’t Tell the Truth

Another thing that you can do is to stop being truthful when answering security questions. For instance, if a security question asks what your mother’s maiden name is, make it up. Something like this is too easy to guess…just make sure you remember it!

Don’t Connect Your Phone Number to Sensitive Accounts

You also should make sure that you are not connecting your phone number to any sensitive accounts. Instead, create a Google Voice number and use this for your sensitive accounts.

Use Passcode Generators

Passwords are easily stolen via key loggers, which is software that records keystrokes. You can protect yourself from this by using a one-time passcode generator. This is part of the two factor or multi factor authentication process. These generators are wireless keyfobs that produce a new passcode with heavy frequency, and the only way to know the passcode is to have access to the device that created the passcode.

Use Physical Security Keys

You also might want to consider using physical security keys. To use these, people must enter their passwords into the computer, and then they must enter a physical device into the USB port, proving that they are the account owner. This means, in order to access an account, a hacker must not only know the password, they must have the physical device.

Consider Biometrics

Finally, if you really want to protect your internet accounts, you should use biometrics. You can purchase biometric scanners, such as those that read your iris, fingerprint, or even recognize your voice. When using these, you will be unable to access your accounts unless you provide this biological information. There are a number of devices on the market that do this.

Though these steps might seem a bit time-consuming, they can be the difference between keeping your private and financial information safe and getting hacked.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Mobile SIMs Hacks Cause Concern

A crook can steal your identity by taking control of your wireless phone account—by pretending to be you in person at the mobile store. The villain can then buy pricey mobiles and sell them—and guess who gets the bill but not the profit.

4DSymptoms of Hijacked Account

  • Suddenly losing service
  • Your carrier says you went to a store, upgraded a few phones, then shut down your old device.
  • Or, the rep will straight-out ask if the problem is with your new iPhone—even though you never purchased one.
  • You were never at the store and never authorized any account changes.

If this happens to you, says an article at nbc-2.com, you’ll need to visit the carrier’s local store, show your ID and get new SIM cards. The carrier absorbs the costs of the stolen new phones.

But it’s not as simple as it sounds. What if in the interim, you need to use your phone—like during an emergency or while conducting business? Or your phone goes dead just as your teen calls and says she’s in trouble?

The thief, with a fake ID, waltzes into a store that does not have tight owner-verification protocols, and gets away with changing the victim’s account and buying expensive phones.

The nbc-2.com report says that this crime is on the increase and is affecting all four of the major mobile carriers: AT&T, T-Mobile, Verizon and Sprint.

Here’s another thing to consider: The thief may keep the new phone, which still has your number, to gain access to your online accounts via the two-factor authentication process—which works by sending a one-time numerical text or voice message to the accountholder’s phone.

The thief, who already has your online account’s password, will receive this code and be able to log into the account. So as innocuous as stolen phones may seem, this can be a gateway to cleaning out your bank account. The thief can also go on a shopping spree with mobile phone based shopping.

We’re all anxiously waiting for mobile carriers to upgrade their store security so that people just can’t strut in and get away with pretending to be an accountholder. Biometrics come to mind. Photo IDs are worthless.

In the meantime, accountholders can create a PIN or password that’s required prior to changing anything on the account.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

How to protect your Mobile Phone from Hackers and Thieves

Let’s cut to the chase:

  • Regularly back up the phone’s data! If this is done every day, you won’t have to worry much about losing important information if something happens to the phone—such as a ransomware attack.
  • Keep the phone’s software and applications updated.
  • Delete apps you no longer use, as these can reveal your GPS coordinates and garner data about you.
  • Never post about your vacation while you’re on vacation.

6WBut there’s more:

  • Employ the device’s password-protect function (which may even be a biometric like a fingerprint).
  • If the phone has more than one type of protection, use both.  You just never know if the phone will get lost or stolen.

Public Wi-Fi

  • Never use public Wi-Fi, such as at airports and coffee houses, to make financial transactions.
  • Though public Wi-Fi is cheaper than a cellular connection, it comes with risks; hackers can barge in and “see” what you’re doing and snatch sensitive information about you.
  • If you absolutely must conduct sensitive transactions on public Wi-Fi, use a virtual private network or a cellular data network.

And yet there’s more:

  • Switch off the Wi-Fi and Bluetooth when not in use. Otherwise, your physical location can be tracked because the Wi-Fi and Bluetooth are constantly seeking out networks to connect to.
  • Make sure that any feature that can reveal your location is turned off. Apps do collect location information on the user.
  • What are the privacy settings of your social media accounts set to? Make sure they’re set to prevent the whole world from figuring out your physical location. This is not paranoia. As long as you’re not hearing voices coming from your heating vents, you’re doing fine.
  • Are you familiar with the remote wipe feature of your mobile device? This allows you to wipe out its contents/files without the phone being in your hand—in the event it’s lost or stolen. Enable it immediately.
  • And also enable the “find my phone” feature. You may have lost it inside your car’s crevasses somewhere.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

I want a Cell Phone Jammer

Well, we certainly can’t blame Dennis Nicholl for breaking the law. Frankly, had I been nearby him when he did it, I would have kept silent and let him continue breaking the law—unless, of course, I was engaged in some loud, planet-moving discussion with a world leader.

5WNicholl, 63, was recently on a Chicago subway train. He brought with him a cell phone jammer. Unfortunately for Nicholl that day, Keegan Goudie was on the same train. Goudie is a blogger, noticed the infraction and began blogging about it. One thing led to another and Nicholl ended up being charged with the unlawful interference with a public utility.

Someone called 911 on him. Though Nicholl was breaking the law, arguably, he wasn’t committing any act that was putting anyone else’s life or limb in immediate danger. Or was he? I’m sure we can all get creative here.

Anyways, Nicholl’s lawyer says his client meant no life or limb danger. Like most of us, Nicholl only wanted some peace. Cell phone users tend to talk a lot louder into their phones than to people sitting right next to them. Sometimes, they’re outright obnoxious. They should be glad the infraction is only a cell phone jammer and not someone’s angry hands.

If making calls becomes allowed on airplanes in flight, it won’t be pretty. It’s bad enough when some fool talks loud while waiting for the boarding door to close. Nobody wants to hear how big the deal you are closing is or that Timmy scored a goal in soccer. Stop being a jerk.

So why is interference with a conversation via electronic device illegal, yet it’s not illegal to “jam” riders’ cell phone yakking with loud whistling, singing, loudly yakking to oneself or playing a harmonica?

Because these non-techy interference techniques can’t jam up someone’s legitimate call to 911. Nicholl’s jammer could have prevented another rider from getting through to 911 to report sudden difficulty breathing. So if you’re hell bent on using a cell phone jammer, maybe make sure first that everyone looks healthy?

The punishment is heavy. A Florida man had to cough up $48,000. Also in Florida, a teacher was suspended after jamming his students’ phones. A priest was even busted for using one in church. Ahh, technology.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention.