Most of us assume our smartphones are secure devices, and that’s when hackers can take advantage of us.
Through innocuous features and apps, criminals have devised ingenious ways to turn our smartphones against us, obtaining sensitive information and even controlling our devices. Here’s what to watch out for:
1. Your smartphone’s accelerometer can be used to detect what you’re typing on a separate keyboard
Almost all smartphones have an inbuilt accelerometer (or tilt sensor) that picks up vibrations. On iterations such as the iPhone 4 and above, the accelerometer is so sensitive, it can pick out what you’re typing on a nearby keyboard with 80 percent accuracy. The phone does this by measuring the impact of each keystroke and then determining which key it is based on distance.
When complemented with malicious downloads, this turns your phone into a makeshift keylogger – a device that records what you type. This allows hackers to guess passwords, account numbers, email addresses, and more.
The best ways to prevent this is to adopt a stealth-mode attitude – place your smartphone in your bag (or purchase one of those multiple purpose wallet and phone covers), and optimize levels of privacy when typing on the keyboard.
2. “Juice jacking” can be used to steal your private data
“Juice jacking” allows hackers to break into your phone via charging ports. The term “juice” refers to the battery power on your phone. When it runs down, you might be inclined to use a free public charging station, such as in airports. These days, however, the charging cable on our smartphones is used for more than just electricity. It also transfers data.
This means hackers can break into your phone via the charging port, from where they can extract data such as images, emails, saved credit card information, social media passwords, and more. This sensitive information can be used for more than identity theft. For example, hackers can send fake messages to your contacts requesting money or ransom your employer with any confidential information. Avoid this by investing in a good portable charger.
If you must use a public charging port, try to do so in a trusted and monitored space (e.g. your office area).
3. Your smartphone can be used to spy on you
This first came to light as a result of a military experiment, called PlaceRaider. It was theorized that malicious apps could make use of phone cameras, or even other apps such as Instagram, to secretly take pictures without you knowing. They needn’t have bothered with the experiment, as real-world hackers long ago started to do this.
It’s possible to hijack your phone camera with innocuous looking apps, which may be disguised as game apps or utility apps.
4. Your phone can be used to spy on your movements and activities
The worst part of this is that it’s legal. Through apps like MSpy (which claims to help parents monitor their children), hackers can track everything from your phone call to your actual movements. These tracker apps – some of which are open and legal, and some of which are disguised – regularly broadcast your activities.
From data gathered, hackers can determine your place of work, home address, relationships with colleagues and friends, and more. Apart from invading your privacy, this is a prelude to identity theft. For example, it’s easy to impersonate you if the hacker knows your birth date, address, place of work, and so forth. Once hackers convince a relative or friend that they are you, they might request “favors” like money transfers.
5. Man-in-the-Middle attacks can give total control of your phone to someone else
Man-in-the-middle (MITM) attacks don’t actually target your phone. Rather, it sets up a virtual cell phone tower that your phone connects to, instead of the actual connection point. While highly unlikely in Singapore, smartphone users must be cautionary to this trick while overseas, where it’s estimated that US$2,000 worth of equipment is all it takes to set up a counterfeit phone tower.
Once you are connected to the fake “tower”, the hackers have free reign to look at your phone. They can even broadcast data inside your phone, thus turning formerly private information – such as photographs or text messages – into public knowledge. Hackers also have control over your microphone and, in some cases, your phone camera.
The results could be more than just embarrassing if you have sensitive work-related information on your phone. On top of that, your phone could be commandeered for other reasons, such as making overseas phone calls that rack up thousands of dollars in phone bills.
Avoid this by being aware of what network provider your phone is connecting to. If you see it’s hooked up to a network that you don’t recognize, disconnect it immediately. Also, avoid storing sensitive information on your phone, when taking it abroad.
While keeping your phone away from hacks, remember to keep it physically safe as well
A simple caution is enough to keep your phone free of most malware and hacking. For the hardware side of things, consider mobile phone insurance plans, such as Phone Protect360.
This provides coverage of up to S$1,000 when your phone gets cracked, waterlogged, or suffers other physical damage accidentally. The repair team even goes door-to-door, so you can receive service from the comfort of your own home or office.
By Ryan Ong
Disclaimer: All info contained herein is intended for your general information only and is not a substitute for insurance advice. If you have a specific question, please consult our insurance experts at 6702 0202.
Malaysia
Hong Kong