A client of Mike Crandall’s recently had his phone compromised by a SIM card hack.
That can happen when a criminal contacts your carrier, posing as you, and asks the service rep to issue you a new SIM card. Once he gets it, he can port your number to his own phone, says Crandall, CEO of cyber risk management firm Digital Beachhead.
Crandall’s client suspected something like that had happened, because he suddenly stopped getting phone calls and texts. The client contacted his carrier, and when he was asked to provide his PIN, he learned that the hacker had taken over his account and changed it.
“He went through a lot of hoops to prove it was actually him who owned the account,” Crandall says.
This video (tinyurl.com/uzm98f2w) shows how easily a skilled hacker can persuade your carrier to give up your email address, PIN and other information and even add herself to your account.
Phones can, of course, be physically stolen, or they can be breached through connectivity with systems such as vehicle multimedia, says Hector Falcon, space and cyber intelligence integrator at the Space Information Sharing and Analysis Center, which is operated in the Springs by the National Cybersecurity Center.
It’s more common, though, for phones to be hacked via chain emails, phishing, spoofing and/or the user clicking on objects or embedded links in text messages or emails that connect to malware or executable code, Falcon says.
Another common way your phone can be compromised is by connecting to unsecured or open Wi-Fi networks, he says.
“Access points may require a password, but that is not necessarily a guarantee of having encrypted and legitimate communication conduits that are securely implemented,” Falcon says.
Hackers love it when you leave connectivity-based services on by default instead of turning them on only when they’re needed. This includes services such as Bluetooth, Wi-Fi and Near Field Communication (NFC), which is used for mobile payments.
And criminals have been very successful in “jailbreaking” cellular devices, Falcon says. Jailbreaking is defined by Microsoft as “implementing software alterations and/or programs that bypass original manufacturer or developer software/hardware restrictions in order to manage or operate your device at an elevated or administrator level.”
Have you been hacked?
Two things can happen when your phone is compromised, Crandall says: “First, they monitor your information, like TikTok. It’s just collecting data, which doesn’t seem bad, but it’s kind of an intrusion. You don’t want them to have access to all your pictures, everywhere you surf and that kind of thing.”
More dangerous, though, is cloning: “Everything you see on your phone appears on their phone or device,” Crandall says. “It’s a good way to get past that two-factor identification. So when you go to your bank and they send you a text message, if I’ve gotten your password, I can get into your bank account.”
Look for apps that are running in the background that you know you closed, suggests Cody Burket, cybersecurity engineer at Firma IT Solutions. You can go into your settings to find apps that are running in the background.
“If you see apps that either don’t show up on your home screen or your installed apps, or you’re seeing things that are running in the background constantly that you know you’ve closed, some of those things could be indicators of a virus or a mal-intentioned app installed,” Burket says. “It could also be just things that are running. So you would want to do your own research with the app specifically.”
Other things to look for are a photo suddenly being taken while you’re on your bank screen or apps open on your phone that you didn’t open.
Those actions might indicate that someone else has control over your screen or the user interface of your phone, Burket says.
Other indications that something is amiss:
• one or more apps acting strangely or triggering responses from other processes, such as a mapping app turning on your camera;
• your call logs or message history showing actions or calls you have not initiated, received or answered;
• payment or billing statements showing transactions coming from your phone that you didn’t initiate; or
• the device itself locking, leaving you unable to open it.
“As a smartphone user, you must be aware of how your phone operates as a preemptive security measure,” Falcon says. “Being aware of what’s known as a ‘normal operations baseline’ is essential.”
This means you are familiar with how the phone operates — how it locks, unlocks and performs during routine use, beyond just the normal click, surf and access methods, as well as normal memory use and what app icons belong on your device.
“By being aware of normal operational processes, you can more easily discern an ‘out of normal’ operation, process or application delay,” Falcon says.
What if you’re hacked?
Burket recommends contacting your local provider if you suspect something is wrong with your phone.
“Their support teams are usually pretty good, and they will be able to suggest whether completely wiping your phone is a necessary option,” he says. That possibility is a good reason why you should back up your data and contacts.
Just removing a suspicious app may not be enough, Crandall says, because malicious software could still be on your phone.
“I would start with removing the app,” he says, “but if you notice the things are still happening, the app wasn’t the actual cause — it was what was included with the app.”
If you have to do a factory reset and restart from scratch, “you don’t want to reload from the cloud or save settings, because that’s just a copy of what was there,” he says.
While it’s a pain to redownload everything, resetting your phone is “a good time to go through everything you had and decide what you really want, because we all collect apps and software over time.”
Tips to guard your phone
These are steps you should take if you suspect your phone has been compromised, or if you want to make sure your phone is secured before an invasion happens.
• Lock your screen. Set up a face or fingerprint scan. “These are pretty much the top of the line for security purposes,” Burket says. Or set up a complex password, a PIN with at least six digits or a pattern swipe with at least eight points on the pattern. These security measures can easily be added or changed by going into your settings. Change passwords and PINs at least twice a year.
• Make sure your phone and the apps you’ve downloaded are up to date. Go into your settings to find the update software settings. For downloaded apps, you can set up auto updates and manually update your apps by going to the App Store or Play Store for iPhones or Android phones, respectively.
• Don’t use open Wi-Fi networks. “Those are just ways that people can monitor and see the data that you’re using on your phone,” Burket says. “If you do have to use public Wi-Fi, make sure that you have a VPN option.” iPhones have a built-in VPN option — check your settings page. With Android phones, you have to download a third-party app, he says.
• Back up your data and contacts. “If you do lose anything or somebody hacks your device, they can’t ransom your data or contacts,” Burket says.
• Don’t open emails, apps or anything else from someone you don’t recognize. Don’t respond to texts from senders you don’t recognize or click on links in those texts. Texting is a major way people send phishing data, Burket says.
• Don’t use your personal smartphone to access business resources or accounts.
• Don’t download illegitimate software applications that haven’t been vetted, such as apps obtained outside the established Google Play Store or Apple App Store channels.
• Don’t tether or connect your phone through a hotspot to someone else’s device unless you know them and trust their device. Likewise, “if you didn’t initiate a Bluetooth pairing request, do not approve it,” Falcon says.
• Don’t scan random QR codes, unless they’re provided through a legitimate establishment such as a restaurant, bar or server.
• Be wary of the latest cool app that puts your face onto a historical figure or substitutes your dog’s face for yours, Crandall says. “The misconception is that if you get an app from the official store, it’s safe,” he says. “That’s not necessarily the case. Sometimes even apps that are known to be good have been breached.”
• Be risk aware. The only 100 percent secure smartphone, Crandall says, “is one that’s shut off, with the battery out, in a closet covered with cement.”