1. Beware of software you install
Many applications require access to your mobile phone camera and photos before installation. Unless you trust the creator of the application, it is safer to avoid installing as your device will be vulnerable to external tampering and sensitive data theft. Ensure that permissions given match the purpose of the downloaded application. After the application is installed, you may or may not be able to change this permission.
2. Do not open suspicious URLs
If you receive an invitation to click on a URL to win a prize or holiday within the next 15 minutes, and that little voice in your head is telling you that it seems too good to be true, it probably is. Do not click any links even if it looks like it was sent from a friend, and do not be pressured to make quick and potentially unsafe decisions.
3. Do not use modified smartphones or electronic devices
When restrictions imposed by the smartphone or electronic device manufacturer have been removed to allow the installation of unauthorised software (known as “jailbreak” for iOS, “rooting” for Android), it is possible for your device to be fully controlled externally. Your mobile device can be used for criminal activities, for cyber scams or attacks, without your knowledge.
4. Avoid using free WiFi networks
When you connect to a hotel’s free WiFi network or to a public WiFi network in a restaurant or shopping mall, always check with the staff what the name of the official free WiFi network is. Cyber attackers sitting close by can introduce fake WiFi access points with the network name very close to legitimate one, like “C0ffeeshop” instead of “Coffeeshop”. Fake WiFi networks can ask you to provide personal information such as email addresses and passwords.
5. Do not make sensitive transactions using public WiFi networks
Some improperly developed or configured mobile applications can allow cyber attackers to tap on the same WiFi network to sniff and decode personal sensitive data accessed via your mobile device. Even if a secure HTTPS connection is used, some applications may not be sufficiently validated which can lead to your web traffic being intercepted by a cyber attacker, sitting between you and the application’s servers.
6. Set PINs/ face recognition/ fingerprint for device unblock
If you haven’t done it, set a phone lock. Sometimes cyber attackers do not need to steal your phone to install malicious applications. Three minutes of unattended access to your mobile device is more than enough time to transfer your private information to an external web drive.
7. Do not leave your mobile device with strangers for charging
When you leave your mobile phone to charge at public locations, your data can be transferred to another device without your knowledge. It is better to use a power bank than to hand over your mobile device to unknown people, even if they look friendly
8. Use an anti-malware solution with a remote wipe function
Installing an anti-malware application in your mobile device will enable you to remotely wipe your personal data from it in the event that it is stolen, once the device is switched on and online again.