You don’t have to be a celebrity, politician or family member of a murder victim to get your cell phone hacked.
Sure, staffers at the now-defunct News of the World may have ransacked the voicemails of all of the above, but even “normal” people are targets for fraudsters mining for sensitive information.
And it’s scary how easy it is.
“As you’re doing more and more things on your mobile phone, you need to take added precaution,” says Vijay Balasubramaniyan, chief technology officer and co-founder of Pindrop Security, an Atlanta-based telecommunications company specializing in phone security.
Caller ID spoofing, for instance, used to be a valuable tool for business owners on the go who wanted their company number to appear on a client’s caller ID. Now, hackers exploit the technology to impersonate phone numbers and infiltrate voicemail accounts, potentially compromising high-level business deals and the occasional extramarital affair.
The technique has become even more popular over the last five years with the rise of VoIP services, prompting the federal Truth in Caller ID Act of 2009, which prohibits malicious spoofing.
To further defend against Caller ID spoofers, Pindrop developed technology to “fingerprint” phone calls. Banks are particularly interested in the technology’s applications, says Balasubramaniyan, since cross-channel fraud involving phones and the Internet account for nearly one-third of all banking fraud in the U.S.
While the Pindrop technology is at least a year away from reaching consumers, there are a few simple steps you can take now to reduce the chances of being phone-hacked.
1. Protect your passwords
More than a dozen spoofing websites offer hackers a direct line to your voicemail. That is, if they can guess your password.
Fortunately, service providers are now forcing customers to set up new pins when they activate their phones, but people still opt for easy codes like their birth year, dog’s name, or part of a phone number. Rule of thumb: If it can be found on your Facebook page, don’t use it. (Better yet, don’t share too much personal information on your Facebook page).
Sequential numbers like 4444 or passwords that spell out common words (5683 = love) are also big no-nos, since hackers are enterprising.
With four digits, you have up to 10,000 combinations to play with. Set a remote access pin that is impossible to guess by anyone but you. Finally, be sure to change your passwords periodically.
2. Treat your phone like your bank account
With more cell phones doing double duty as mobile PCs, a password-protected screen lock is a must. Avoid public Wi-Fi connections when accessing private information or making purchases online. Scammers are notorious for “shoulder-surfing,” where they watch for the numbers you plug in. Don’t leave a hacker any clues by deleting your browsing history and disabling functions that save your user names and passwords automatically. If you store bank account and credit card information on your phone (not recommended), use a secure application.
Moreover, turn off the Bluetooth when it’s not in use. Hackers can use the wireless connection to gain remote access to your phone.
3. Don’t open anything without verifying the source
Stay away from e-mails, texts and apps from untrusted sources. Hackers can use these to plant malware and spyware on your phone, gathering information about your call history, messages and browsing habits.
Earlier this year, a number of apps on Google’s Android market were infected with a form of malware called DroidDream, which harvested sensitive data. Keep your phone updated with new phone hack prevention tools provided by phone companies.
4. Don’t lose your phone
Before you do, consider purchasing anti-theft software, which can track SIM card changes, lock your device, wipe its contents, sound an alarm and basically render your phone useless to a hacker.