With data increasingly being stored in the cloud, documents and media being easily transmitted with a click, and devices signaling their locations, the risks of your personal information falling into the wrong hands has risen with the advent of smartphones.
We’ve already taken a look at how to handle and minimize privacy breaches through app permissions. Truth be told, data mining through mobile apps is but one of many ways your data can unwillingly wind up in the wrong hands. Here, we’ll take a look at a few other techniques used by hackers and thieves, and what you can do to protect yourself – but ultimately, privacy is a personal matter, and only you can decide how much you’re willing to share.
Malware is any software designed to damage or disable computers. It might seem ridiculous to consider, but do you look at your Android device as a phone or as a complex computer?
Just as a refresher, here are a few fun things malware can do with your phone:
- Listen in on your phone calls
- Intercept text messages
- Access stored personal information
- Steal passwords
Malware can latch onto your phone from bad apps in legitimate app stores, apps downloaded from third parties, and pirated apps.
Fortunately, any phone running Android 2.2 and up (pretty much every phone) scans downloaded third-party apps for malware, and users of phones on Android 4.2 or higher can check for themselves by going to Settings, then Security, and finally Verify apps.
Samsung Galaxy Note 4, Android 4.4.4
Defending against malware on your phone picked up from other sources, such as web browsing, is incredibly simple as long as you’re proactive. Download a mobile security suite from the likes of Avast, BitDefender, or Lookout – which are shown to block malware over 99% of the time – and prevent your phone from being hit hard by hackers.
Mobile web browsers store your personal data to give you targeted ads – if you look up cheap flights to Australia a lot, you’ll see ads for plane tickets and vacations more often. They’ll also record your location, which might sound fishy, but it’s typically used to display relevant search results and, again, targeted ads.
Not everyone is fine with their every browsing move being recorded. Clear your cache and disable location settings for websites you visit by going to your browser’s Settings, then Privacy and security.
Samsung Galaxy Note 4, Android 4.4.4
Here, you can clear your cache, disable cookies and password memorization, and turn off location sharing.
Periodically clearing your cache and removing stored information can prevent hackers from finding a treasure trove of private details should they ever gain access to your browsing details.
If you use social networking sites and apps frequently, there are still ways to minimize sharing too much.
Check your pictures and posts – really check them – before you hit “post.” Make sure there’s nothing you wouldn’t want archived online forever, like credit card numbers or your address in the background.
Social networking sites are also notorious for resetting and updating privacy setting without much notice. Even if you have extensive privacy filters set up, they could all be wiped out tomorrow with a new update.
It might seem trivial, but many mobile games will also try to post to your social media accounts. You’ll have to specifically forbid Clash of Clans from outing your gaming addiction to your family and friends.
Both Dropbox and iCloud have experienced data breaches in the past, but even if you use Google Drive, you should be diligent with your account. Cloud storage depends on third-parties to keep your data safe, but there are a few things you can do, too:
- Enable two-step verification for Google Drive, Dropbox, or your cloud app of choice
- Download an app like SSE to encrypt files prior to uploading, so only you can see them
- Don’t share uploaded files openly, especially parent directories with many sub-folders
- And, avoid using cloud services on open WiFi networks
General Best Practices
Phishing and physical theft represent a threat to any technology user, not just those with Android smartphones. Phishing is an attempt to steal private information by pretending to be a trustworthy source, like a thief posing as your bank to ask for credit card information.
To minimize the possibility of phishing:
- Ignore messages from unknown senders
- Don’t give out personal information over the phone
- Log out of email accounts and apps
And, to protect your phone from theft:
- Change any swipe-based or simple PIN unlocks to longer passwords
- Install a remote locater app to find a lost or stolen phone from another device
- Also consider a remote wipe app or Google’s own Android Device Manager, used to clear a stolen phone back to factory defaults
Hackers and thieves develop more complex ways to steal our information every day, but it isn’t all doom and gloom. Android still remains a very safe operating system, and using even the most basic prevention measures will go far in protecting your privacy. In the end, smartphone users have to give up a little information to get the most out of their phone, but at least you can have a say in its disclosure.
- New attack hides stealthy Android malware in images, PCWorld
- What Should I Do if I Think My Identity Has Been Stolen?, Pacer Center
- Secure your Google account with a little 2-step shuffle, TechRepublic
- How do I enable two-step verification on my account?, Dropbox
- Facebook Privacy Change Is Subject of F.T.C. Inquiry, The New York Times.