Tackling A False Sense of Device Security

Let’s face it; most of us expect that when we share, receive and store data via our devices it will be a secure experience. We don’t automatically think about the possibility of others being able to watch what we’re doing while we’re shopping, banking or navigating the internet. We think brands like Apple are invincible when it comes to security, but in reality, no brand is completely secure.

Regardless of the device or the brand, nothing is 100% secure from hackers and cyber-criminals because hacking methods can penetrate any device. As consumers, we are tremendously vulnerable when we use free, public Wi-Fi because various software and hardware allows cyber-criminals to set up dummy hot-spots and gain access to our personal data like credit card numbers, bank account details and passwords.

A typical hacker trick is to capture your email login details from a dummy hot-spot to gain access to your account and change the password to potentially lock you out. They will indicate to other services you use that you have forgotten your password. Those services will then send new login information to your inbox and, since most people use the same email account for all services, the hacker will have all new logins at his or her disposal.

Another type of hack is called DNS spoofing. This involves diverting internet traffic after a hacker has quickly gotten into your system and built a profile on you. For example, whenever you try to access the webpage of your bank, the hacker has his program redirect you to a page he has cloned that appears identical to the trusted site. Any information you enter at this site is stored on the hacker’s server.

"Mobile and computer device security improves every year, but the consequences of cybercrime continue to get worse"

Public Wi-Fi isn’t the only thing that makes us vulnerable. Many mobile apps we download may not be secure or support the latest security standards. While any information shared is required to be disclosed at the time of the download, many consumers don't read the disclaimer or terms of the download and, consequently, are allowing their information to be shared from any mobile device.

Changing and verifying passwords from a mobile device also puts unsecured data at risk. Until recently, with the two-step iCloud verification, hackers and cyber-criminals could log into your account with stolen or guessed passwords. This access allowed attackers to download a complete back-up of a consumer’s data by using Elcomsoft's Phone Password Breaker.

According to a study commissioned by Norton, 50% of online adults have been victims of cybercrime and negative online situations in the past year. Additionally, 41% have fallen victim to attacks such as malware, viruses, hacking, scams, fraud and theft. The financial loss from cybercrime is up 50% over the previous year and according to Javelin Strategy and Research, the number of victims of identity fraud is also up.

Mobile and computer device security improves every year, but the consequences of cybercrime continue to get worse. Consumers need to take control of their privacy and be proactive about data security, even while completing common daily tasks. These activities include any web activity such as shopping, banking, social networking and storing personal data.

While all of our favorite brands are continually improving security across all of their devices, the reality is that we can’t control cyber-criminals. We can, however, take control of our privacy by implementing protective measures, being more vigilant and being more aware when using our devices.  When looking to protect yourself and your data from cyber-criminals, consider these three rules of thumb:

  1. Use trustworthy security tools. Our devices have them and we should use them. For example, require authentication (login) to access your device or turn on encryption to scramble data. Keep in mind, these aren’t always automatically turned on. Also, devices don’t have all the tools you need to stay protected, so consider getting additional solutions such as a secure private network.
  2. Ensure you have strong passwords. Don’t use easily identifiable dates or names. Include numbers and letters and incorporate upper and lower case. Even use symbols. Also, be diligent about changing them. Don’t use the same password for too long as it makes you more vulnerable.
  3. Practice privacy. Consider not storing precious information on your device or computer. If it’s acquired by the wrong hands and could really disrupt your life, it shouldn’t be on your device.

The message is a simple one. Consumers can drastically reduce the chances of being hacked, tracked or having their data stolen from their devices just by practicing some vigilance and implementing some security tools. 

About the Author

Vince Mazza is CEO of Guard Street, a recognized business leader and data privacy and protection advocate. He brings over 20 years of experience in the credit card data protection, social networking security, identity theft protection and loyalty arena for several of the world's largest companies

What’s Hot on Infosecurity Magazine?