Keeping your mobile phone safe and secure

For many of us, our mobile phone has become something we can’t do without. We carry it around with us all day, and we use it to check everything from our emails to the weather. We even make calls on it from time to time. But, it’s easy to forget that our smartphones are actually just small computers. And that means we need put the same effort into protecting our mobile phones as we do our PCs and our laptops.

If you lose your mobile, or it gets stolen, someone could get hold of your Google account login details (if you have an Android phone) or your Apple ID (if you have an iPhone). They could also get easy access to things like:

  • your contact details
  • your photos
  • your social media accounts (when was the last time you logged out of Facebook or Twitter on your phone?)
  • your banking or financial details
  • any apps you use and the data you store in them, like Dropbox, OneDrive, Google docs or iCloud
  • your browser history
  • any of your other devices.

Luckily, we have some simple ideas for what you can do to keep your mobile safe and secure — and best of all, they’re free.

Secure your mobile against loss and theft

  • Always lock the screen when you’re not using your phone. You can set it to lock automatically after a certain amount of time, the shorter the better.
  • Put a good, secure password on your phone so others can’t access it easily — use a number, pattern or fingerprint.
  • Use the tracking function (like Apple’s ‘Find my phone’ feature) to help you protect your phone if it’s lost or stolen. This will let you:
    • track where it is on a map
    • play a sound to help you find it if it’s close by
    • ring it
    • lock it remotely
    • put a note on it with your contact details so people know who to return it to
    • erase the data on it.
  • Set your phone up to wipe the data on it after 10 failed login attempts. Most smartphones have a feature that does this — check your settings or preferences to find it. That way, if someone does manage to get hold of your phone, it’s unlikely that they’ll get their hands on your data.

Back up your mobile data

Backing up the data on your mobile — to iCloud, for example — is one of the most important things you can do. If you back up your data you won’t lose access to any of it, even if your phone is lost or stolen. Make sure you back up your mobile regularly, for example, once a week.

Update your phone’s operating system

When you’re alerted to a software update for your mobile phone, install it as soon as possible. Updates aren’t just about adding new features. They’re also about fixing vulnerabilities that attackers could find and use to gain access to your system.

Be smart with your apps

  • Only buy apps from official app stores. Apps that are available from 3rd party sellers may not be legitimate, and could contain malware (like viruses). Android phones have a setting that prevents 3rd party apps from installing. You can find it in your settings.
  • Set your apps to update automatically. This will ensure that you always have the most recent, and safest, version available.
  • Check the permissions and settings on all your apps. Make sure that they don’t have access to any other features on your phone that you’re not comfortable with. For example, you might want Facebook to be able to access your photo library, but your weather app probably doesn’t need to.
  • Delete any apps you don’t use. For example, if you downloaded an app to help you plan a holiday and you don’t need it any more, get rid of it. That way you don’t need to worry about updating it.
  • Check your bills. If you start to see any unexpected charges on your account, make sure they’re not coming from an app that’s running programs it doesn’t need to.

Be careful using hotspots and free WiFi

  • Be careful about what you do online when you’re using a hotspot or free WiFi. These networks are untrusted, meaning that it’s possible that others could see what you’re doing when you use them.
  • Never do online shopping or internet banking on free WiFi.
  • If you need to check your email, make sure you have two factor authentication set up first.
  • Turn off WiFi and bluetooth on your phone while you’re not using them.

Keep an eye out for scams and phishing

Watch out for scams and phishing attempts on your phone, either by SMS message or email. It’s sometimes easier to quickly respond to something on your phone than it is on any other device, but if you’re not sure about something, stop and check it first. Be cautious about clicking on links and attachments in SMS messages or in emails. If you’re not sure why a company’s asking you for information, contact them in another way — through their website, for example — to ask before you give out any personal details.

Remember to log out of your accounts

Make sure you log out of personal accounts on your phone after paying anything or online shopping. If you stay logged in and someone steals your phone, they could get access to your account details, as well as your credit card information or bank accounts.

If you sell your phone, give it away, or replace it with a new one

  • When you stop using your mobile — if you give it away or sell it, or decide to buy a new one — reset it to its factory default first. This will clear all of your personal information from it. You can find the option to do this in your settings or preferences.
  • If you’ve set up a tracking function on your phone, like Apple’s ‘Find my phone’ feature, turn it off before you reset your phone. You should also do this if you’re having any repairs done.
Visit CERT NZ for more information. 
Visit ACSC for more information.