With a recent study¹ revealing that an Apple Airdrop flaw leaves users vulnerable to hackers, and Android users warned about the ‘Flubot’ scam infecting devices with malware², it is more important than ever that tech users are vigilant when it comes to protecting their devices.

However, new research reveals that nearly half (49%) of UK adults have not installed or didn’t know whether their mobile phone has security software³.

In the wrong hands, stolen data can be used by hackers for illegal activity such as applying for loans or credit cards under a victim’s name, or bank accounts being accessed and money withdrawn⁴.

To help keep data safe, leading insurance provider, Insurance2go , shares five ways mobile phone users can help to protect personal data stored on their device.

1. Be cautious of public Wi-Fi

Using public Wi-Fi is great for those who have a low data allowance, or are running out of mobile data. However, public networks often don’t provide a secure connection, making it easy for hackers to use them to access personal data.

Hackers targeting public Wi-Fi hotspots are able to use what is known as a ‘man-in-the-middle’ attack⁶, which is when a hacker intercepts financial information, passwords and log-in information through a public network.

Always avoid using mobile banking apps or making online purchases whilst logged onto a public Wi-Fi network. For those who do need to use public Wi-Fi, use a Virtual Private Network (VPN) app. A VPN can protect data from getting into the wrong hands by encrypting online data and keeping personal information secure when using a public Wi-Fi connection⁶.

1. Turn off ‘sharing’ settings when not in use

Smartphone features that share a location should be used with caution and always turned off when not in use. Features such as Bluetooth, Wi-Fi, location services, mobile data and Near Field Communication (NFC) are susceptible to hacking, especially Bluetooth location services as they transmit a device’s location and presence.

Hackers can easily get hold of personal information and data through features that mark a phone as ‘visible’⁵, so always make sure to disable such features when they are not needed.

1. Only download legitimate apps

Downloading illegitimate apps is another way to open your personal data up to hackers. Often, apps hosted on some websites or third-party app stores can contain malware and can access data once downloaded⁶. It’s recommended that users only download apps from the official app stores, so App Store for iOS users, Google Play for Android users or the AppGallery for Huawei owners.

1. Be wary of app permissions

When an app is first downloaded, it often asks for ‘permission’ to access certain features or information held on a mobile phone. From the camera roll, to your speaker, location or phone contact list, apps can ask for a range of permissions in order for certain functions to work.

Be cautious of what information an app is requesting access to and question whether the app actually needs that information. For example, a photo editing app doesn’t need contact list information in order to function correctly, so take the time to properly think about whether or not that information is needed⁷.

Viral video app, TikTok, came under fire last year for security issues in the US, with reports claiming that the Pentagon warned U.S. military personnel to delete TikTok from their phones, and India previously banned Tik-Tok amongst other apps, over security and privacy concerns^10. So, it’s always important to review what permissions are being asked for by an app.

1. Avoid using auto-login

Whilst it’s recommended to have a variety of passwords for online accounts rather than the same password, auto-login gives hackers easy access to personal data by simply opening up an app or webpage. For those likely to forget multiple passwords, note them down in a secure, password protected note on a phone, or in a notebook that is kept secure and stored away.

And it’s not just using your mobile phone that can open your personal data up to hackers. What happens if your mobile phone is lost or stolen? Insurance2go  shares some useful tips for people who might find themselves in this scenario and want to keep their personal data safe:

 

1. Firstly, report the phone as missing to the network provider, who can suspend or disconnect the service to the phone. This can help stop any authorised use of the phone if it falls into the wrong hands.

 

1. If the mobile phone is known to be stolen, inform the police who will be able to provide a crime number, which can be used if the user needs to inform an insurance provider.

 

1. Most smartphones now have a built in ‘kill switch’, which can allow a user to remotely deactivate a device if it’s lost or stolen. In order towork, the feature needs to be enabled. For iPhone users, the ‘Activation Lock’ can be enabled within the ‘Find My’ app to help keep data safe. Firstly, go to the ‘Find My’ app > Tap the devices tab and choose which device is lost or stolen, then tap Activate under ‘Mark as Lost’ and follow the prompts on screen. Android users can enable the kill switch with ‘Find My Device’. Go to Settings > Google > Security, then turn on ‘Remotely locate this device’ and ‘Allow remote lock and erase’.

 

1. Finally, immediately change passwords for any accounts or apps that can be accessed on the mobile phone. Prioritise any important accounts first, such as online banking and other associated accounts.

Richard Gray, Head of Marketing and Digital, at Insurance2go said: “Our mobile phones are home to lots of stored data and without correctly protecting your personal information, it could easily land in the wrong hands.

“‘SIM-jacking’ is a common method where hackers are able to use stolen data to obtain a Porting Authorisation Code (PAC). This can then be used to switch the victim’s phone number to another phone on another network, helping them gain access to a range of personal data and information, often including banking details.

“Protecting data stored on a mobile phone is extremely important. Hackers are often creating new ways to get a hold of our data, so we hope that by sharing our tips, we can help people avoid getting caught out by fraudsters.”