Mobile Phone Data Theft and How to Prevent It

In recent years, the 419 scam, more commonly known as the Nigerian scam, has become a bit of a cliché and a source of smug dismissal of anyone foolish enough to respond to it. But if the scam wasn’t working, the criminals behind it would have long since moved on to another hustle. The truth is, many of them have done just that, and grabbing valuable personal data from people’s mobile phones has proved to be one of the easiest and most lucrative means of committing theft.

Data thieves can get far more information from your mobile phone than you might think.

• Where you live and work, and when you will likely be away. Beyond the obvious banking and credit card information, many modern phones also have GPS capabilities, and some useful apps store more information about your comings and goings than you might think. One prime example is that such tracking would clearly indicate your home and work locations, as well as patterns of when you are away from home or at work. This information would be quite useful to a thief who wanted to burglarize your home or stalk you.

• Who your associates are, where they live, and other professional information. Not only are your contacts available on your phone, but all the email and text exchanges you’ve had with them may be available as well.

• Deeply personal and potentially embarrassing information. Even if you’ve been diligent about immediately deleting those personal text and email messages, not to mention those private photographs, from your phone, a proficient data thief could still access some of them. Even removing the SIM card does not guarantee that the data is actually gone.
Using your mobile phone’s security measures is good, but not good enough. The hackers you need to worry about are highly skilled technicians, many working for organized crime syndicates or cartels. They are good at what they do, and given the slightest opportunity, they will steal your data.

Mobile phone theft is rampant. According to a September 2014 report by the Government’s Behavioural Insights Team, titled Reducing Mobile Phone Theft and Improving Security, some 742,000 mobile phones were stolen in England and Wales during 2013. Obviously, having a victim’s phone in hand simplifies the process of extracting whatever is stored within it.
A thief does not need to have physical possession of your phone in order to steal your data. There are numerous ways for a thief to pull information from your phone without having it in his possession, without your even knowing about it.

• Apps and shared files. Downloadable apps and files, particularly from less-than-trustworthy sources, can have malicious code hidden within. Know the source of anything you put on your phone.

• Unsecured Wi-Fi networks. The popular Internet Cafes of the 1990s were for the most part replaced by Internet hotspots. As mobile phones and tablets have become more capable in the last decade, they have to a great extent replaced the notebook computers that users bring to coffee shops and bistros. What many mobile phone users fail to consider is that while using these unsecured networks, they may well be leaving their devices – and their information – open to discovery by those around them. Here, in particular, the user needs to ensure that the device’s security settings are enabled.

• Free public charging stations. What with modern smartphones’ voracious appetite for battery power, free public charging stations can be a real lifesaver for mobile phone users. Users should be aware that some unscrupulous proprietors of these charging stations attach the charging port to a computer, rather than merely a voltage converter. By doing so, they gain access to and steal the data in the phone as it is being charged, a process commonly called “juice jacking.” There are means to protect the data in your phone from being “juice jacked,” most of which are really common sense. To be truly protected, avoid using public charging stations altogether. Charge your phone on a regular basis, even if it seems to have adequate reserve power. If you frequently deplete your battery, carry an inexpensive, rechargeable backup battery. And if you absolutely must use charging stations, use either a USB cable that has only the power terminals attached, designed for charging only, or use a device like the USB condom, that attaches to a standard USB cable and disables the data transfer capabilities of the cable.

This is not a comprehensive plan, guaranteed to protect you from data theft. It is set of guidelines, and unfortunately, one that will likely be rendered obsolete as quickly as the smartphone you purchased a year ago. In the meantime, using these suggestions and common sense precautions will go a long way toward keeping your personal data out of the hands of thieves.