by Sid Kirchheimer, From the AARP Bulletin Print Edition, May 2014

12 ways to protect yourself and your device

Cybercrooks target smartphones remotely to collect their users' data for identity theft.

Cybercrooks target smartphones remotely to collect their users’ data for identity theft.

It’s bad enough that 1 in 3 robberies in major cities nationwide now nets a mobile phone — thousands are taken each day in what’s called “Apple picking” because of the popularity of iPhones (although street thugs eagerly steal other brands). But there’s also a huge harvest by stealth cybercrooks who increasingly target smartphones remotely to collect their users’ stored data for identity theft.
Why? Smartphones not only access the Internet, but their text messages are sent without encryption, and messaging apps typically have no security protections. Plus, cellphone users generally haven’t wised up to the smartphone threat and are more likely than computer users to respond to spam.
With software firm Juniper Networks reporting a sixfold increase in malware threats to mobile devices last year, predictions are that 2014 will be yet another record-breaker for these attacks — with smartphones (and Androids in particular) leading the list.
Here’s how to stay safe

  1. If your phone offers encryption, enable it. You can learn how at help.unc.edu/help/encrypting-cell-phones. “Most encryption software will then automatically update as needed,” says Adam Levin, founder of IDentity Theft 911.
  2. Use security software recommended by your carrier or phone manufacturer, or free products by companies such as AVG, Avast and Lookout Mobile Security.
  3. When using your smartphone to shop, use retailers’ dedicated apps rather than your phone’s browser.
  4. Before installing apps, read their reviews — and stick with trusted vendors such as Google or Apple. Always read the “permissions” before downloading apps; avoid those wanting your OK to reveal your identity and location.
  5. Think twice about public Wi-Fi networks. “For the most part, you’re more secure using the provider’s network,” says Levin. Also, don’t leave Bluetooth connections open.
  6. Don’t auto-save your user name and passwords on apps or when using your smartphone to make financial transactions.
  7. Regularly clear the browser history to prevent smartphone thieves from retracing your steps to hijack your accounts.
  8. Get an app that will track and report the location of your phone if you misplace it. IPhones have a built-in app. Where’s My Droid works on Android models. The app may help police recover your phone if it’s stolen.
  9. Ask your wireless carrier how to remotely erase stored data if your phone is lost or stolen. Back up that data on a cloud account.
  10. Don’t click on links in text messages or smartphone emails from strangers or even friends if the content doesn’t appear to be their usual fare.
  11. Consider carrying a low-cost “dumb” phone to use when talking in public places. Thieves won’t be interested.
  12. Finally, do what most people don’t do but should — lock your phone with a PIN.

Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.