Protect your privacy, data and peace of mind with this guide to beating thieves, whether theyre online or on the street
As weve recently seen from leaked CIA documents, no one is immune to hacking attacks. Heres how to protect yourself against them, whether they come from opportunist thieves or state-sponsored spies.
1. Keep up to date and dont open up holes yourself
When it comes to protecting yourself against hackers, step one is always to install software updates as soon as they become available: thats as true on smartphones as it is on computers. Yes, updating can be a tiresome and intrusive process, and it sometimes brings annoying changes to the interface that youre used to. All the same, a huge proportion of successfulhacks exploit vulnerabilities that have already been patched; exposing yourself unnecessarily is justdaft.
Id also strongly advise against using unofficial tools to root your phone (known as jailbreaking on iOS), unless you know exactly what youre doing. On a rooted phone, technical safeguards can be defeated, allowing apps to perform all sorts of actions that are normally prohibited and that can include snooping on your personaldata.
2. Be careful of what you install
When you install a smartphone app, you may be asked to grant it various permissions, including the ability to read your files, access your camera or listen in to your microphone. There are legitimate uses for these capabilities, but theyre potentially open to abuse: think before you approve the request. That applies especially to Android users, as Googles app-vetting process isnt as strict as Apples, and there have been reports of malicious apps spending months on the Play Store before being spotted and taken down.
Android also lets you install apps from third-party sources: this allows services such as Amazons competing Appstore to operate, but it also provides an easy way for rogue apps to get onto your phone. Id strongly advise against installing anything from an unfamiliar website.
3. Review whats already on your phone
Even if the apps on your phone seemed simple and safe when you installed them, subsequent updates could have turned them into something more sinister. Take two minutes to review all the apps on your smartphone, and see which permissions theyre using: on iOS, youll find lots of relevant information under Settings > Privacy.
On Android, its harder to get an overview of which apps have which permissions, but there are plenty of security apps that help here, including free packages from Avast and McAfee. These tools can also jump in and alert you if youre trying to install an app thats known to be malicious, and warn you if a phishing attack is trying to trick you into entering a password into an untrusted app orwebpage.
4. Make it hard for intruders to get in
If a thief gets physical access to your phone, they can cause all sorts of trouble. For a start, your email app probably contains a trove of personal information. Make sure your phone is locked when not in use: both Android and iOS can be set to require a six-digit passcode. Your device may offer other options too, like fingerprints or facial recognition. Such methods arent perfect a really determined hacker could copy your fingerprints from a drinking glass, or trick a camera with a photograph of you but theyre a lot better than nothing.
And be wary of smart unlock features, which automatically unlock your phone when youre at home, or when your smartwatch is near; these could let a thief bypass your unlock code altogether.
5. Be prepared to track and lock your phone
Plan ahead, so even if your phone is stolen, you know your data is safe. One option is to set your phone to automatically erase itself after a certain number of incorrect attempts to enter the passcode.
If that seems a bit drastic, dont forget that both Apple and Google operate find my device services that can locate your phone on a map, and remotely lock or erase it. For Apple users, this is accessed through the iCloud website you can check its enabled on the phone in Settings > iCloud > Find My iPhone. Android users can access Googles service at google.co.uk/android/devicemanager. You can also make a missing phone ring helpful for drawing attention to the thief, or tracking down a handsetthatsbeen merely mislaid.
6. Dont leave online services unlocked
Auto-login is a very convenient feature, especially since a virtual keyboard can make typing passwords a chore. Its also a huge liability: an intruder simply needs to open your browser to gain access to all your online accounts.
Ideally, therefore, you shouldnt use auto-login features at all. If you must, use a password manager app that requires you to regularly re-enter a master password. And dont use the same password for more than one app or service: if that one password gets found out, it can be used to access a whole range of private information. This applies even if youre perfectly scrupulous about keeping your smartphone secure: hackers regularly break into online services to steal user credentials, which they then try out on other sites.
7. Adopt an alter ego
If youve followed this advice so far, it should be very difficult for anyone to get into your phone. However, some major hacks have been pulled off without any access to the victim at all. If someone can find out (for example) your date of birth, home town and mothers maiden name all stuff that can be easily picked up from a site like Facebook thats often all they need to reset a password and start breaking into your accounts. You can see off such attacks by fictionalising your past with details that are unlikely to be guessed; perhaps, for the purposes of security, you were born in 1999 to MrsVictoriaBeckham, ne Adams.Just remember what you claimed, or you could end up locking yourself out.