Organized crime sees your smart phone as the most vulnerable entry point into our electronic financial system—an easy way not only to steal your identity but also your money.
Says who? The Atlanta Fed.
In a bit of classic understatement, the Atlanta Federal Reserve said recently many consumers simply don’t realize how vulnerable their Androids, iPhones and other devices can be.
As the AP reported the Fed’s study showed “there are several things that can make smart phones an easy target. Vast amounts of personal data are stored in e-mails, texts and other applications, and personal information is increasingly easy to find on social media.”
In other words, on a device no larger than a postcard, thieves can access your personal identifying information and gain a variety of gateways into your finances—and they have been doing so on a consistent basis.
And the problem is bound to get worse, said Doug Johnson, vice president of risk management for the American Bankers Association. “This is one more platform criminals will continue to exploit as the channel grows,” he said.
Folks refuse to accept that a smart phone is a computing and data storage device, just smaller and cuter than their workstation or laptop, and therefore refuse to accord it the same respect as those other devices (which they tend to protect more zealously).
According to Trusteer Inc., a cybercrime protection company which was cited by the Fed, 20 subject computer servers sent out over 100,000 emails as part of a “phishing expedition.” Of the 3,000 responses received, 2,200 (a whopping 73.3 percent) came from smart phones.
Trust me, that’s just the beginning.
The smart phone platform is as irresistible for the Forces of Darkness as it is for the public. The smart phone is an integral part of our daily lives, so much so that when we use it for everyday chores and information we get distracted and sloppy. Identity thieves count on this. They count on the fact that we all have day jobs–while we are their day jobs.
So here are a few things to do to better protect your smart phone and the information contained on it.
- Password protect it–and don’t be stupid about the password you select. (Hey linear people – don’t use 1,2,3,4, or 9,8,7,6 – try to be more creative!)
- When it comes to the passwords used for different apps, mix it up. Don’t use the same one for every app (This is not a Three Musketeers “One for all, all for One” moment). Don’t make everyone simple and/or silly (unless it’s creative silly with numbers, letters, upper case, lower case, punctuation marks).
- Change passwords (both for phone and app) no less than every 90 days.
- Don’t share passwords among email, social networking, and financial services sites. Why make it easy for a hacker to get a clean sweep?
- Don’t keep your WiFi on as you roam from zone to zone.
- Don’t keep your blue tooth on as you roam from cell to cell.
- Back up your information frequently so even if you lose the phone, you don’t lose your data lifeline.
- Have a locater on your phone that can find it if it is lost or stolen.
- Have a program on your phone that can remote-wipe your data if it is lost or stolen.
- Don’t use sensitive financial service apps while in very exposed public places.
- As with your PC or Laptop, don’t click on links that appear to come from government or financial institutions that redirect you to sites which ask for you’re your sensitive information. They don’t do it; so you shouldn’t do it.
- Be careful about the pictures you click on.
- Disable geo-tagging features for photographs. (Geo-tagging code can actually tell a smart hacker when you live, work, your park of choice and even provide hints as to the birthdays of your photo subjects when combined with posts declaring, “Celebrating Little Susie’s Birthday!)
There are two last points to make about this.
You can have the most comprehensive suite of security software available, but it must be properly (and frequently) updated. Always keep in mind that even the most sophisticated security system is only as good as its weakest link. And, as much as we would like to deny it – we (as in, “We the people”) are the weakest link!
Your personal identifying information (PII) — that which fleshes out your identity and confirms that you are you — is an asset. Your reputation is an asset. Your identity is perhaps your most valuable asset.
Bottom-line: there are a whole lot of extremely important assets stored in one teeny little device that is very portable—and oh so vulnerable. Unless you are smart about it, dumb things can make your smart phone seem more like a bunny than a hawk.
Originally published on Forbes.com