Is your life on your smartphone?

They go with you everywhere and some people feel lost if they aren't forever flicking at the screen...

OK, so your life is on your smartphone. These 8 steps can keep cyberthieves out.
smartphone

Now that you’re relying on your smartphone more than ever before – personally and professionally – are you doing enough to protect it and its contents?

A fitted smartphone case and screen shield may reduce the odds of damaged hardware if dropped or scratched, but more importantly, you’re carrying around private information that can fall into the wrong hands if your device is lost or stolen.

An even greater likelihood is having your data exposed while the smartphone is still in your possession. From malware (“malicious software”) disguised as legitimate apps to phishing scams entering your inbox to digital eavesdropping on public Wi-Fi hotspots, your device is more at risk than ever before.

The good news is you don’t need a degree in computer science to better safeguard your smartphone. The following are some simple tips to keeping the cybercriminals out, regardless of the smartphone you use.

A few simple (yet often overlooked) suggestions:

  • Back-up, back-up, back-up: Above all else, it’s incredibly important to back-up your phone’s important files – like irreplaceable photos, videos, contacts, text conversations, and so on – before you lose your device or have a cybercrook remotely lock you out of it and try and extort money from you to let you in (“ransomware”). Whether you use the cloud, connect it to a PC to back-up files on a regular basis (through iTunes for iPhone users), or rely on a back-up drive (like SanDisk’s iXpand Base), do something to protect your precious files before it’s too late.
  • Use a passcode: All smartphones let you lock it with a PIN code, password, pattern, or biometrics login (using a part of your body) to confirm it’s really you. So long as you lock your device in some fashion, no one else can access your information should your device be lost or stolen. A thumbprint or face/iris scan is most convenient, if your device offers it. Also make sure you don’t set up your apps to automatically log you in when a password is an option, as someone may guess your phone’s pattern or PIN, and now they’ve got the keys to the kingdom.
  • Be app-savvy: Only download apps from trusted, reputable sources. Always stick with official stores like App Store or Google Play, read comments from previous users before you download to confirm it’s a legit application. Never be the first to download something new. Read the app permissions instead of blindly accepting the terms and conditions, because there’s no reason a game needs access to your camera, microphone, and contacts.
  • Don’t be gullible: Immediately delete suspicious text messages or emails from people you don’t know. Don’t click on any embedded web links or attachments, nor should you write or call back any unknown phone numbers (it only confirms your number is valid). Scammers and spammers are increasingly targeting smartphone users, including phone calls posing as someone they’re not. Immediately block numbers from these malicious types, report it if you can (often a feature built into the phone), and perhaps choose to ban private numbers from getting through.

Bump up your protection

A few more recommendations to keep the bad guys at bay:

  • Install antivirus: Especially for Android users, it’s recommended to protect your mobile data with security software, such as the comprehensive Norton Mobile Security (€29.99/year). Not only do these apps protect your device from viruses and other malware, but premium services also lock down your privacy settings and scan apps and files for threats, but some solutions can snap a photo of someone attempting to log into your stolen phone, via the front-facing camera, and send the image to you!
  • Set up remote wipe: Should your phone become lost or stolen, you can remotely lock it (if no passcode is on it already), display a message (“Please call me for a reward”), wipe the data clean, or track it on an online map -- but you need to set this up ahead of time. Free services include Find My iPhone (iOS) and Android Device Manager (Android), but there are other third-party tools with even more features. But always work with authorities to retrieve a stolen phone rather than attempting it on your own.
  • Two-factor authentication: Along with having a good password or passphrase for all your online activity (and not using the same password for everything), opt for two-factor authentication (also referred to as “two-step verification”), which means you'll not only need your password to access your online account but also a one-time code sent to your mobile phone, to confirm it's really you. In other words, two-factor authentication is built on the premise of having something you know (password) and something you have (phone).
  • Browse safely: Use a virtual private network (VPN) when spending time on the web, as it masks your online identity, making you safer. A browser’s “Private” or “Incognito” mode isn’t the same thing -- it only wipes your history and cookies clean when you close the browsing session, but what you’re doing while online can still be seen by your service provider, the government, advertisers, and malicious types. Using a VPN is especially important when using a free Wi-Fi hotspot, as it puts your data at greater risk (better yet, don’t use public hotspots at all and use your cellular connection).

Netwise 08.07.18

How to hide your Gmails from prying eyes 

gmail

Google has confirmed that the private emails of Gmail users can sometimes be read by the staff at external companies and not just machines.
It's no surprise that computers and algorithms can process your email messages but not everyone knew that humans could be reading them too.

Here's how to check on your account:

From your Gmail account click on your profile image in the top right corner and then click Google account.

gmail account
Note: icon will be different to mine.

gmail manage

gmail apps

Then from the left hand side menu box, choose "Apps with account access".

From here you can see which apps have been linked to your Google account.

 

If you have allowed apps to read your Gmail messages they may also be read by the app's staff.

You can revoke this permission by clicking on the app and then "Remove access"

gmail access

Netwise 06.07.18

GDPR - General Data Protection Regulation

A short video (less than 2 minutes) from the BBC that explains the basics of the new law which came into force on 25th May 2018

The £5 phone app that anyone can download to nab your card details...

Meet the man with a party trick

In a cafe close to a Royal park Nigel Swabey is telling me all about renovation work to his house over a pot of tea. He interrupts the small talk and politely asks me to pass the milk jug. As I do, his hand darts briefly across the table at lightning speed. Perhaps he was just reaching for a napkin. But then I notice Nigel's phone is now perched on top of my purse. The 69-year-old chuckles, picks his mobile back up and shows me the screen - it is displaying the 16-digit card number and expiry date of my credit card.

I've come to Richmond in West London to meet the man who says 'skimming' strangers' credit card details in less than five seconds is his party trick.

To do this, he uses a smartphone app that is completely legal and costs just £5. It's called the Credit Card Reader NFC (EMV) and has been downloaded on to mobile phones more than one million times.

money mail party trick

Money Mail reporter Sara meets Nigel Swabey who demonstrated how to use a easily available mobile phone app to steal a person's bank card details


This enables the phone to pick up the information sent by a card's chip during a contactless transaction - the card number and expiry date. This was impossible until banks started issuing everyone with so-called contactless cards that you wave over payment terminals without having to enter a PIN. The only things the app can't pick up are the name of the cardholder and the three-digit security code on the back. Nigel skims cards at dinner parties to show just how easy it is for criminals to steal payment details and use them to make fraudulent purchases online. He says: 'It's a bit of a gimmick of mine. You hold up the phone to a guest's pocket and say: 'Ah, you have a Mastercard. Your expiry date is this, your number is this.' 'It's shocking for people who assume their details are protected - and seeing it happen in real time makes them realise how vulnerable they are to fraud.'

Nigel has a vested interest - he's an entrepreneur and owns the European rights to Australian product, SkimGuard, which you put in your wallet to block fraudsters from stealing your details. That's why Money Mail wanted to see for itself how easy card-skimming really is. I lean across the table to get a good look at the phone but Nigel has one more trick up his sleeve.

He taps the screen, selects a 'transactions' option and shows me - to my horror - the last ten purchases I made using that card. All my recent spending is there, the Tube journeys to and from work, the groceries for a dinner party and flights I'd booked for an upcoming holiday. It's impossible to get this level of detail on debit or Amex cards, Nigel explains. But many credit cards are ripe for fraud.

This is because the chips inside cards issued by some banks hold previous transaction details. Not all cards are vulnerable, though. Banks tell customers that spending on stolen contactless cards by crooks is kept in check because each transaction is limited to £30 at most. They say your PIN is automatically demanded after a set number of suspicious-looking payments. But experts say the real danger is not losing money in a contactless transaction after someone brushes past your handbag with a card reader, but the crook harvesting all the card details they need to commit fraud in your name.

Nigel explains that the criminal's phone needs only to be close to the card it's trying to read for the app to work.

And, crucially, the radio waves do pass through fabric. That means on a crowded train, or at a busy concert, all scammers have to do is get their phones next to people's pockets to go on a spending spree. Worryingly, some sites, including Amazon and Booking.com, do not require the three-digit CVV number on the back of card to make a purchase. So fraudsters who've skimmed your card could theoretically spend online with the details they have. 

But Amazon says it has a rigorous fraud detection system that means it doesn't require CVV codes. Official figures show the boom in contactless cards over the past two years has fuelled a 51 per cent rise in card fraud cases, which have now reached 565 a day. The number of contactless transactions has gone from 1 billion in 2015 to 5.6 billion last year, with almost a third of card transactions last year contactless.

Banks have no way of working out how criminals have got hold of card details they are using illegally, so claim it doesn't count as 'contactless card fraud'. A UK Finance spokesman says: 'We successfully prevented more than £2 in every £3 of attempted fraud in 2017. 'Contactless fraud is low with robust security features in place in every card, and no contactless fraud has been recorded on cards still in the possession of the original owner. 'Customers are fully protected against any losses and will never be left out of pocket in the unlikely event they are the victim of this type of fraud, unlike if they lose cash.' 

Daily Mail reported 6th June 2018