The amount of personal information people store on their smartphones and tablets has grown dramatically as they become increasingly central to almost everyone’s modern life. Unlike traditional computers, phones and tablets are easily stolen or misplaced. If that happens, your private data, which includes passwords, credit card numbers, and addresses, will be easily accessible to whoever picks up or stole your device.

Below are various security threats your smartphone or tablet may go through, as well as the measures you can take to protect your privacy.

Data leakage resulting from device loss or theft (high risk)

For those who want to gain access to another’s private information, learning that the mobile device that you picked up or stole is unrestricted can be gold. If you lose your device due to forgetfulness or theft, and you haven’t locked it down with a PIN or password, your device’s new owner will have access to the following:

  • Your email, including passwords or any account information that you’ve saved
  • Your social media accounts, such as Facebook, Google+, and Twitter
  • Passwords saved in your browser
  • Credit card information and password saved in apps like Amazon and Google Wallet
  • Email addresses, phone numbers, and physical addresses of your contacts
  • Access to secured Wi-Fi networks that you’ve saved
  • Photos and videos saved on the device

Unintentional disclosure of data (high risk)

Developers frequently introduce more features than the average user can keep track of. For example, you may be unaware that your device is broadcasting your location each time you post a photo using a social media app.

Here are some ways that you might be unintentionally letting the world know where you are:

  • If you’ve posted a photo with the location data turned on
  • If someone tags you in a photo without your knowledge
  • If you’ve “checked into” a specific restaurant or cafe using a location map

Attacks on used or abandoned devices (high risk)

If you haven’t wiped an old or discarded mobile device properly, whoever gets to use it next can easily access a huge amount of your personal information. Improperly decommissioned mobile devices can yield such information as:

  • Call history
  • Contacts
  • Emails

Phishing attacks (medium risk)

Phishing is an insidious form of data collection in which an attacker tries to dupe users into entering personal data, such as passwords and credit card information, by sending them fake messages that appear genuine.

Phishing can appear in a variety of guises:

  • Fake apps designed to mimic legitimate applications (e.g. Angry Birds)
  • Email messages that appear to come from legitimate sources such as banks and other financial institutions
  • SMS messages that appear to come from legitimate sources such as your wireless provider

Spyware attacks (medium risk)

If your mobile device becomes infected with spyware — either from a rogue app or a malicious website — the malignant code can send your personal data to a remote server without your knowledge.

Information logged by spyware can include:

  • All of the keystrokes made since the spyware was installed
  • Names, phone numbers, and email addresses of your contacts
  • Credit card information enter in the browser

Network spoofing attacks (medium risk)

Hackers occasionally prey on users who have connected to bogus or unsecured Wi-Fi networks. Unless you’re very cautious and enter your information only on websites that use SSL encryption, your data could be at risk of being stolen.

Here are some examples of information you could accidentally disclose:

  • Passwords to unencrypted websites
  • Credit card information sent via an unencrypted website



This entry was posted by Staff Writer on Saturday, June 18, 2016 at 6:43:40 AM and is filed under Computer Security & Data Protection.

Leave a Response