Smartphones: Protect your phone from these hackers' traps
Smartphones are increasingly the target of hackers looking for financial data. Here's how to protect yourself and your favorite piece of mobile technology.
(Page 2 of 2)
These applications must earn the developer a profit somehow, and it’s very difficult to tell what kind of encrypted messages are being sent between the app and the developer’s servers.Skip to next paragraph
Credit card debt: Are consumers returning to bad habits?
New Year's resolution (and modern fable): Spend more!
In budget battle, voters are the 'adults in the room'
Is the curtain falling on the eurozone?
FedEx delivery video: Package thrown. FedEx apologizes on YouTube.
Subscribe Today to the Monitor
Mr. Eads points out that “phishers,” people who try to trick you into giving out your login and password, have attacked the Android marketplace in the past, by releasing fake banking applications that request your login information. However, the Apple store is much more tightly controlled, and requires a copy of a developer’s passport and a notarized form, in the event of information discrepancies.
What you can do:
Be careful when downloading free apps from unfamiliar software vendors. If the app requests access to parts of your phone that don’t make logical sense, get rid of the program immediately. Unless you are downloading from Apple’s App Store, don’t assume a mobile banking app is affiliated with your bank unless you read about it on the bank’s website.
3. Shady websites
Visiting a website with an outdated smartphone browser can leave you exposed to vulnerabilities. Be sure to update your operating system immediately whenever you hear about a patch.
A notable example was the Apple iOS jailbreak vulnerability, which allowed a simple website visit to “jailbreak” an iPhone and take it over. Some advanced iPhone owners use a jailbreak program to get around the Apple’s many iPhone restrictions, but having someone else jailbreak your phone without your knowledge is downright dangerous.
Kocher believes that the increasing complexity of smartphones is causing the number of unpredictable vulnerabilities to balloon. Compounding this issue is the fact that you may have to proactively download patches to fix vulnerabilities, rather than getting automatic updates.
Eads is less alarmist. While there are certainly risks to be aware of, he says that the shadowy people who manufacture viruses blow the risk out of proportion to inflate their own importance. The Apple jailbreak vulnerability was scary, but it was revealed by people trying to prove a point, rather than by hackers. Apple quickly patched the problem with an iTunes auto-update.
What you can do:
Take smartphone security updates seriously. Sync your iPhone with iTunes on a regular basis, and keep an eye out for operating system and firmware updates from Google and Blackberry. These updates are often released after a security flaw has started attacking other phones.
How to prepare for the worst
Given the increasing popularity and complexity of smartphones, we may soon see hacker’s efforts shift from the PC to your pocket. However, only time will tell how big of a security threat these hackers pose to mobile banking and security. Fortunately, even in the worst-case scenario, liability will be fairly limited. Credit card fraud liability is limited by Regulation EFTA to $50, and mobile banking losses are generally covered by banks. However, a lost PayPal password, banking login, or contact list can still cause problems. Just work to make sure you notice it early.
– Tim Chen is the CEO of NerdWallet, a credit-card search website.