Hackers try to hide their activities and hope you won’t notice when they’re stealing your identity and your data from your smartphone.
Here are some of the more frequent signs that you’re being hacked and how to minimize the risk or thwart the attack.
Wi-Fi in public places, such as cafes or stores are often unsecure for the convenience of patrons. However, unsecured Wi-Fi lets malicious hackers easily intercept your data stream while you’re connected. Such intercepts are called man in the middle attacks. In this attack a hacker intercepts the data stream without anyone receiving any indication of the interception. The risk of such an attack is the same at nationally recognized brands, which may operate with more security-consciousness, and at local businesses.
An unsecured Wi-Fi network is indicated by the absence of the small black padlock symbol as shown at left.
Some businesses create the appearance of security-consciousness by using a secure Wi-Fi network and then publishing the password on a sign on the wall for all customers to see. Unfortunately, this configuration is not any better than providing an unsecure Wi-Fi connection. The password, which acts as a private key for encryption, is now a public key that is available to hackers for decrypting all data streams.
A simple, low risk alternative is to use your cellular network connection and pay for data if you must connect where you do not have private credentials for a secure Wi-Fi network.
You can also protect yourself against these hackers by using virtual private network (VPN) software and the related service.
To protect yourself, avoid connecting to public Wi-Fi and thereby compromising your personal data.
Unsecured web service
When you see this server identity dialogue box, one of your smartphone’s active tasks is trying to contact a website but cannot verify the authenticity of the certificate for that website.
Before you click on Continue, think for a moment. Did you mistype the domain name you intended to type? Do you trust the domain name shown and have you been there before?
If you answered no, someone is trying to lead you to a fake website that is masquerading for a major website you visit regularly. This can be a typosquatting or a DNS spoofing/poisoning attack. The hacker’s goal is to infect your iPhone with malware and likely breach your data.
To protect yourself and your personal data, type domain names carefully and always click on Cancel. If you are technically inclined, you can verify the DNS IP addresses on your network adapter settings and your gateway’s DHCP settings.
Evil twin Wi-Fi
An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate. It claims to be one of the Wi-Fi access points on the list of Wi-Fi access points that your iPhone is aware of and will connect to automatically when your iPhone is searching for a Wi-Fi connection.
The hacker’s goal is to eavesdrop on wireless communications to steal userids and passwords or send malicious content back to you. The evil twin is the wireless network equivalent of the phishing scam.
The evil twin access point is typically configured to pass Internet traffic through to the legitimate Wi-Fi access point while monitoring the victim’s data stream. This pass-through approach ensures the victim is oblivious to the hacker’s presence.
To protect yourself against an evil twin hacker, check the name of the Wi-Fi access point you are connected to under Settings. If the name shown is for a Wi-Fi access point that you know is located somewhere else, then you’ve become a victim of this hacker. You should immediately turn off your Wi-Fi network. Then use your cellular network connection and pay for data if you must connect immediately.
Applications add useful functionality to smartphones but also increase the risk of a data breach. This risk is greatly increased if you download apps from untrusted websites, as illustrated at left, instead of from an authorized app store. Hidden inside these malicious apps, even ones that perform the functionality you’re expecting, could be malware that lets hackers steal your data.
A good example was the recent Pokémon Go craze. That phenomena encouraged quite a number of unscrupulous hackers to offer malicious apps under the guise of offering improved features, access to supposedly secret commands or improved game performance.
To protect yourself from a data breach caused by malicious apps:
- Download apps only at the authorized app store for your brand of smartphone. Don’t download apps from a link in an email or a text message. These sources are typically malicious spam from hackers.
- Read at least one review for an app you are thinking of downloading. Reviews will alert you to potential malicious apps.
- Ignore apps that claim they will enhance your game or smartphone performance in some way. Apps can’t actually perform this feat.
- Limit the number of apps you install to what you know you will actually use.
- Report iOS or Android malicious apps if you encounter one.
Enticing you to click on a link in a text messages or an email is a common avenue hackers use to steal your information or to install malware on your smartphone.
This is called a phishing attack. The hacker’s goal is to infect your iPhone with malware and likely breach your data.
Glide over, don’t click, the link in a text message or an email to reveal exactly where the link will send you if you were to click on it. That’s an easy way to differentiate legitimate messages from hacker messages. Just reading the text of the link is not enough.
In the example above, the hacker is impersonating Air Canada. By gliding over the prominent blue link, you will reveal the real Uniform Resource Locator (URL) that the link refers to. Because the real URL is unrelated to Air Canada, this is a dangerous phishing message.
Don’t click links in messages without investigation.
Cellular network spoofing
With some expensive equipment and a lot of technical know-how, hackers are beginning to learn how to spoof cellular networks to perform man-in-the-middle attacks.
Hackers pick crowded public places, such as museums or airports, because there are lots of active smartphones and we are less alert because we expect reasonable security.
In the example at left, I am not connected to Wi-Fi, but I am connected to the Verizon LTE cellular network.
In this example the hacker is trying to lure me into clicking on the mislabeled website link to claim my fake prize award. If I click as suggested, I will cause malware to install itself on my iPhone.
The best action, to thwart this attack, is to double tap the Home button to reveal all running apps in the multitasking manager. Then quickly swipe the Safari app up so that it’s no longer running. You will also want to place your smartphone in Airplane Mode until you have returned to a safer location far from the initial intercept.
To protect yourself and your personal data, be careful when clicking on website links to avoid downloading malware that will gather personal information.
Strange smartphone behavior
Your smartphone may have been hacked if you notice apps launching by themselves. If the battery drains much faster than normal, that typically means the map and camera are active without your knowledge. Unexpectedly large data charges on your cellular phone bill also indicates a problem. These events all indicate a hacker has taken control of your smartphone.
Your immediate action should be to turn off your smartphone. Then seek out technical help to remove the malware from your smartphone.
Operating system flaws
Despite the best intentions of smartphone manufacturers, operating system flaws exist and will be discovered. These flaws can let hackers in. Some of the flaws not only allow hackers to steal your data but also to gain access to your smartphone remotely and control it.
To correct flaws and protect end-users, smartphone manufacturers release operating system updates frequently. Your iPhone will indicate an update is available to be installed by displaying a “one” on the Settings icon as illustrated at left.
Install operating system updates as soon as they become available. This action is important because, once updates are released, your risk of being hacked actually goes up if you fail to install the update. Hackers will now know about the technical details of the flaws being corrected and will use that knowledge to attempt breaches of out-of-date smartphones.
Despite the best intentions of smartphone app developers, software defects exist and will be discovered by end-users. Sometimes these defects can let hackers in to steal your identity and your data.
To correct software defects and protect end-users, smartphone app developers release app updates. Your iPhone will indicate app updates are available to be installed by displaying a number on the App store icon as illustrated at left.
To protect yourself, install app updates as soon as they become available.
What is your experience with strategies for reducing your risk of smartphone data breaches?