In 2019 alone, there was a 50% increase in mobile malware attacks, while in 2020 a 37% rise in mobile phishing attacks has already been reported. Even the app stores aren’t safe, as in December of 2019 over 65,000 dangerous, fake apps were found on websites all around the net. The numbers are scary, but the math is actually quite simple: the more popular a device becomes, the more likely hackers are to target it, so they can make the most amount of money.
So yeah, your phone is certainly at risk of being hacked or targeted. Which neatly leads to what you might be wondering next...
So is my phone secure or not?
It’s about as secure as you make it.
That’s the long and the short of it. Phones, like every other smart device in your life, have some form of built-in security, which we’ll go over in just a second, but they mostly rely on you making smart, cautious decisions about what you install and what you do with them. So as long as you’re careful and considerate, your phone is about as secure as Fort Knox. That said, having extra security installed — things like an antivirus or VPN — can make you even safer, as they cover all the little weak spots a phone might have, and they give you some leeway if you ever do make a mistake.
But before we get into those details, let’s first examine…
What kind of security is built into my phone?
As we mentioned, every device has some built-in security automatically installed on it for rudimentary but necessary protection. Each device is different depending on which operating system it uses, so today we’ll cover the two most popular mobile operating systems out there: Android and iOS.
Android, which is run by Google, has some fairly comprehensive ways to keep people safe from all the hackers and malware out there.
Applications are run in an isolated “sandbox” where they can’t access anything you don’t give them permission to access.
You can select a number of different “locks” to physically protect your device, from pattern passwords, to PIN numbers, to biometrics, like fingerprints, if your device supports it.
It gets automatic security updates routinely, to help cover weaknesses and vulnerabilities in the software.
Google Play uses comprehensive scanning tools to check for the authenticity of the apps on the storefront.
It comes with a rudimentary “antivirus” that can quickly check if apps are safe or not.
However, while Android’s built-in security is nothing to scoff at, it’s far from perfect:
It’s easy to accidentally give an application access to data it doesn’t actually need. It’s also hard to retract that permission once it’s given.
In spite of their scanning tools, occasionally malware still finds its way onto Google Play, where it’s downloaded by thousands of people before it’s caught.
It’s possible to download apps on other storefronts, which may not offer the same level of security as Google Play.
Most damningly, the built-in “antivirus” generally isn’t great: if a virus is “authenticated” by Google, or slips in through a backdoor provided by an authenticated app, then it’s free to wreak havoc on your device.
Apple has a good reputation for providing their devices with powerful, built-in protection. Mobile iOS devices are no exception.
Powerful boot-time scans ensure the stability and authenticity of your device every time you start it up. It also ensures you’re using the latest, most secure version.
You can physically secure your device with PIN codes, biometrics, and other “locks.”
Built-in encryption prevents third parties from accessing any data they’re not authenticated to view.
Apple only allows you to download apps from their official App Store, which has several layers of defenses to ensure apps are authentic.
Apps are sandboxed, which means they cannot access anything you haven’t given them express permission to access.
There are significantly fewer viruses (and less malware overall) designed to target iOS devices than Androids, although there are still a few.
On the whole, iOS devices are a lot safer than Android devices, but they still have a few faults:
iOS doesn’t encrypt your connection, which means unsecure Wi-Fi networks could allow hackers to see and steal data.
No built-in password feature means easily-guessed passwords could leave apps or accounts vulnerable.
iOS’s built-in security won’t help you against clever phishing attacks.
What can I do to make my devices safer?
So, now that you have a basic understanding of what kind of security smartphones use these days, you might be wondering what you can do to be even safer. Fortunately, we’ve got you covered.
How to use your phone like a security pro
It’s often said “an ounce of protection is worth a pound of cure,” and that’s as true for mobile security as it is for physical health. More often than not, simply being thoughtful about the apps you download, the permissions you give, and the websites you visit is more than enough to keep you safe and secure online.
Check, then double check, every app you think about downloading. Do a bit of research to ensure it’s being offered by a real company, and not a copycat trying to trick you into downloading it. Read reviews for the app as well — an app with a lot of reviews, dating back a few weeks or months, almost guarantees the app is safe (although not necessarily good).
Only download apps from official sources — the Google Play store and the App Store, specifically.
Check and double-check what permissions you’re giving an app when you download it. Only accept what makes sense — there’s no reason a Casino app, for example, should need access to your webcam or photo gallery.
Don’t click on strange links in emails — they might take you to fake websites that will infect your device or try and steal your information. If you see a link to a site, search for it on Google instead.
Don’t download any strange or unexpected attachments you might receive from an email or on social media. Make sure you know and trust the person who’s sending it to you, and if you weren’t expecting it, double-check with them using a different medium that they sent you something. So, if you get an unexpected email + attachment from your cousin, text or call them, and ask what it is.
Stay alert for vishing, or voice phishing, which is when hackers try to trick you into handing over data by calling you over the phone and pretending to be a professional.
It may seem like a lot, but by following these best practices, you take a huge step towards being safer on your mobile device.
What other tools can I download to keep my phone safe?
If you really want to up your phone’s security, there are a few must-have applications that can go a long way towards keeping your device — and the data you store on it — safe and sound.
Both Android and iOS phones have a glaring weakness: they don’t encrypt your connection to your wireless network, which means someone —- hackers, your ISP, or even the government — can see who you are and what you’re doing when you browse. While this may not directly lead to you getting viruses, it could mean someone could steal the information you share with websites — or worse, force you to visit fake websites where they can harvest your data or infect you with malware.
A VPN fixes that. Not only does it hide your IP address, it also encrypts your connection as long as it’s turned on, so if anyone tries to see what you’re doing online, all they’ll see is a bunch of gobbledygook. This lets you use public and private Wi-Fi networks stress-free, and it lets you access content that you could normally access at home, but can’t when you travel. It’s an essential tool for anyone who wants complete privacy, security, and access for their mobile devices.
Android and iOS have built-in protection to keep you safe, but neither offer complete protection. A good mobile antivirus, however, can fill the gaps left by Google and Apple, and allow you to really enjoy your mobile device without a care.
Good android antiviruses tend to be fairly comprehensive. They should come with a more powerful threat scanner that can actively check your phone for any malware, and purge it out of the system. They should also have access to an enormous database that recognizes and blocks known malware, even if it’s sneaking in under Google’s nose. And finally, most good Android antiviruses come with additional tools, like Anti-Theft or App Block, which can make them more useful to prospective users.
On the other hand, iOS devices don’t have any “real” antiviruses out there, since the iOS does a damn good job of protecting you from threats as-is. Instead, most “antiviruses” for iOS devices tend to offer things like VPNs, enhanced app protection, photo vaults… stuff that’s useful and can protect you in certain circumstances, but is generally just nice to have, not “need” to have.
No matter what phone you have, the weakest link in its security is going to be the human factor. Android and iOS phones can be chock-full of all the security in the world, but if your accounts have easy-to-guess or easy-to-hack passwords, then they won’t be able to do much to protect your data. That’s why it’s so important to have long, powerful passwords that are unique to each and every account you have, so that even if one gets hacked, all your other accounts stay safe.
A good password tool makes it a lot easier to do that. Not only can it automatically generate passwords that are impossible to guess and functionally impossible to brute force through, it can also store them locally on your phone so you don’t have to memorize 50 different passwords or, worse, write them down on a piece of paper somewhere. It can also automatically log you into accounts, which saves both time and trouble, for that extra splash of convenience.
The idea of keeping your phone safe and sound is important, and you can certainly take steps to make sure your device is protected from every angle of attack. But while extra security tools and built-in protection can do wonders towards keeping your phone secure, nothing beats staying informed, being patient, and exercising healthy caution whenever you’re online.
You can trust us on that — we ain’t no phonies when it comes to mobile security.