Suggestions for Mobile Phone Security (primarily applies to Apple devices, but also Android)
NSA (the office of the federal department National Security Agency) has issued some suggestions for your mobile phone security. While some feel that this agency spies on us, the recent suggestions seem reasonable. Guess you can’t be too careful these days. (personal note: I use Malwarebytes on my devices to help defend myself from bad players)
One of the suggestions, and it’s easy to do is to turn your phone off/on once a week to help defeat zero-click exploits. For iPhones (models X, 11 through 13 or later), press and hold either volume button and on/off button until the power-off screen appears. Then drag the slider, wait 30 seconds for your device to turn off. If unresponsive, you may need to perform a force restart.* Android users see ** This technique is helpful to prevent unwanted malware from being installed on your phone. It is not a silver bullet that will solve all your security ills but certainly does help.
Another suggestion is to disable bluetooth when not needed. Always update your device when software updates become available. Be wary of public wi-fi and even public charging stations. Best to use your own charger/cable to power up your phone. Some charing stations that you can plug into have devices to install malware. You can avoid this by not plugging into it but using your own charger.
Public wi-fi sites provides convenience but have risks that you have to weigh. When you are present edwith choices for connection, look at the list and try not to be tricked to connecting to a neighbors/fellow traveler’s wi-fi but use the one provided by the airport/rail service/cruise line. Most public wi-fi’s are safe, but it’s best not to us them to connect to sites that you must enter a password such as your bank or medical records. Use your carrier cellular network instead if you can. Public wi-fi’s should be used too look at news, check weather, or emails.
It makes sense to use strong passwords (six digits are good or better yet, set up an alpha numeric password). Don’t use dictionary words as a password. Set your phone to wipe itself after 10 consecutive attempts. Careful about reusing passwords across multiple accounts. Password managers can help to create strong passwords and help remember them for you. (Popular password managers – 1Password, Dashlane, and Nordpass)
Again be aware of links in emails and texts unless you are certain since you know why it was sent. Even using messaging for generic content might make you fall for social engineering to lure you into giving up personal information. Trusting phone calls or messages without verification, can lead to serious consequences. The FCC offers advice such as “Not modifying the security settings of your smartphone, for example. Tampering with your phone’s factory settings, jailbreaking, or rooting your phone undermines the built-in security features offered by your wireless service and smartphone,” the FCC advises, “while making it more susceptible to an attack.””
Be careful on granting permissions to apps to do something. Always think, why does it want this? Limit apps which access your data, microphone, photos, camera unless it is absolutely necessary.
Finally, “another option that has become even easier with the evolution of these operating systems is the ability to remotely erase data from a stolen or lost smartphone. Just ensure you get this set up so it can work to your advantage if the worst happens. “In the case that you misplace your phone,” the FCC guidance says, “some applications can activate a loud alarm, even if your phone is on silent. These apps can also help you locate and recover your phone when lost.”” (Apple Watches can help you find your phone if nearby by making it emit a sound)
Always wipe data from your phone and reset to factory settings before selling or disposing of it.
From an article in FORBES, June 1, 2024
For iPhones: https://support.apple.com/en-us/118259
** https://www.howtogeek.com/437701/how-to-restart-an-android-smartphone-or-tablet/