The Anti-virus Times

Friday, August 6, 2021

Nowadays, the well-known demand robbers make—"Your money or your life"—can safely be replaced by "Your mobile or your life". Indeed, the mobile device has become not just a means of communication, but also the key to its owner’s finances and private life. And the value of this data for its owner and for cybercriminals can significantly exceed the value of the device itself.

Let's try to imagine what a thief can get after taking possession of your smartphone and how they can use the acquired information.

Social networks and messengers

In addition to the fact that a stranger reading your personal messages is in itself unpleasant, the information in them may cause a backlash against you and your friends. For example, an attacker can use your personal information to blackmail you, and they can email all your friends a message asking them to loan you money.

Email

Even if you almost never check your mailbox, it remains an essential element that ensures the security of your accounts for various services. After all, an email address is used to create most accounts, and therefore—to reset their passwords. And it's not just about social networks—cybercriminals can gain access to passwords for payment services or other resources that let you use your credit card as payment.

SMS messages

If the previous two points primarily focused on smartphones, then in the case of SMS, any mobile phone can be involved, not the device itself but its SIM card. When cybercriminals gain access to it, they can transfer money from your credit card, sign in to the remote banking system, change the online banking password and bypass two-factor authentication.

There are many cases when cybercriminals, after gaining access to someone else's smartphone, don’t just transfer all the money from the victim's accounts, but also take out an express bank loan directly in the online banking application.

We have considered only 3 points, but it's already getting creepy, isn't it? Better to lose one’s wallet, for that matter... But that’s far from all the possible scenarios because, after all, your smartphone also contains your photos, location history, personal data and confidential documents.

To some degree, this situation also applies to other devices, such as laptops or tablets. Each gadget contains a lot of information that can cause considerable damage if it gets into someone else's possession.

So what can you do to avoid trouble?

The most banal advice: don’t lose your mobile, don’t give it to strangers and don’t even for a few minutes leave your phone unattended in a public place. Excellent advice, but let's draw an analogy with a car driver. Can the most careful and attentive driver get into a car accident? Without a doubt—yes. Can a seat belt increase a driver's chances of surviving and staying healthy? Sure. Fortunately, such "seat belts" exist for your gadgets. They will help you to keep your data and gain the time needed to prevent possible negative consequences.

A device unlock password

A password is the first cordon of protection for your mobile or laptop. Remember: when you are not using your gadget, it should always be locked. When it comes to a smartphone or a tablet, you can choose the authentication method most convenient for you: password, unlock pattern, or user biometric identification. In this case, the most reliable way to protect it is to use a password or a PIN code: nobody guesses an unlock pattern on the basis of a greasy fingerprint on the screen or puts your finger on the sensor while you are sleeping. Anyway, using any of the proposed methods will create needless problems for hackers and force them to spend time trying to crack the coveted key.

Tip: Do not use the same password or PIN code to access your mobile and the online banking application installed on it.

If a laptop is involved, be sure to use a password to sign in to your account and make it a practice to lock your computer when you leave your workplace. It would also be a good idea to configure your account so that it automatically locks when your device is inactive or your laptop’s lid is closed.

Data encryption

Many modern devices have a default data encryption option on the internal media. But it's still better to be sure that it is enabled. If your smartphone has a slot for memory cards, you can configure data encryption on external media. Thus, even if a hacker retrieves a card, they will not be able to read its contents.

Data encryption has another significant benefit: once you turn off or restart your laptop, smartphone or tablet, a thief will not be able to re-load it without entering the password.

Set a PIN code on your SIM card

About 15 years ago, such advice was common, but now many users have forgotten about this simple but effective means of protection, and this feature is disabled by default in modern SIM cards. That's a pity because it prevents an attacker from gaining access to your mobile number!

Let's say you are using encryption and a strong password, which means that a thief cannot search through the contents of your mobile. But they can remove the SIM card, insert it into another mobile, reset the passwords of the accounts linked to your mobile number, and transfer money from your bank account before you’ve had time to realise what’s happened. Believe us, that takes much less time than getting to the nearest mobile shop and having your SIM card reissued.

Using a PIN code solves this problem perfectly and blocks yet one more channel through which data can leak.

Remote control over a device

Most modern gadgets are linked to a network account and support the possibility of remotely controlling lost or stolen devices. The basic functionality typically includes the ability to determine a device’s geolocation, block the gadget, and remove information on it remotely. If you are not using these features, we strongly advise you to enable them.

But what do you do if your smartphone or laptop gets lost, and you do not see any chance of it being returned?

First, you should attempt to sign in to your account and try to determine the device’s location—perhaps it simply slipped down the back of your sofa. If that does not work, it makes sense to send a command to your gadget to block or delete information. Even if your device is offline, it will execute the command as soon as it is connected to the Internet.

The next step is to visit your cellular operator’s store to replace the SIM card (if your device supports this option) and to call your bank to request that they suspend the possibility of your bank account being controlled remotely.

After that, you should "unlink" the missing gadget from services that incorporate this option—for example, from messengers and social networks, and change your passwords for the most important accounts.

Done. Now you can go to the store to buy a new device, which will serve as storage for your secrets for years to come.

#Android #credit_card #remote_banking #mobile #anti-theft_configuration #password #PIN_code #remote_access