Essential tips for mobile phone security

Nowadays, most of us have a lot of personal information stored on our phones.

Whether you use online banking, have your Amazon account linked to your debit card, or just keep personal information like account details, addresses or private contact numbers stored in your emails, your phone is likely filled with sensitive personal data.

Here are our best tips to make your mobile phone more secure.

1. Use strong lock screen security

You wouldn’t leave your house without locking the door, so don’t leave your phone without locking the screen. Modern smartphones offer several different unlocking options and not all of them are equal when it comes to security.

A pattern may be easier to remember, but it’s also easier for others to watch and remember or replicate from the fingermarks on your screen. Here are the methods for unlocking your phone in order from most secure to least secure:

1. Fingerprint
2. Password
3. PIN
4. Face unlock
5. Pattern

If you want to keep your smartphone secure, consider using a password rather than a simple PIN. While it may take longer to type out each time, the number of possible combinations makes it the more secure option. Longer passwords and those that include both letters and numbers will help keep your mobile phone and your personal information safe and secure.

Also, it should go without saying, but don’t set your password to ‘password’.

2. Lock your apps

Once you’ve set up your screen lock, you can go one step further and add an extra layer of security by locking specific apps. This is easier to do on Android devices since you can install dedicated apps, such as App Lock, which lets you require a separate PIN, password or even fingerprint to unlock selected apps.

Some services, such as online banking, shopping or email, automatically require a second level of security to gain access. However, you might still want to prevent unwanted access to other apps if you so wish.

Currently, iPhone options are more limited. iOS allows you to limit screen time or access to some first-party apps during specific times.

3. Log out of apps and services

If you’re unable to lock your apps, the next best thing is to log out of apps and services that contain personal information.

While staying logged in makes life much easier, especially if you use them on a daily basis, it also makes it much easier for someone who gets hold of your phone to access all your information with just a few taps.

When logging out of apps, prioritise shopping apps or any other app with your bank details saved. This might also help you limit your impulse online shopping.

4. Use a password manager

Once you have your passwords set for various apps and websites, the best way to keep track of them and to keep them safe is with a password manager app.

They let you set unique passwords for each app and website, using longer words and numbers, without worrying about remembering every single one of them. This makes your phone more secure than if you were to use the same memorable password for every account you have.

Password managers like LastPass also make it easier to log back into apps and websites. This means you can keep them even more secure by logging out each time without having to worry about remembering passwords every time you want to browse on sites like Amazon.

5. Beware of spam emails and phishing emails

Spam emails have become such a part of our everyday lives that it can sometimes feel like there’s more junk in your inbox than actual emails. Phishing emails and similar scams are looking to trick you into giving away personal information by convincing you that they are from official companies or organisations.

No matter who emails you, never click on a link within an email that prompts you to fill in your personal details or reset your password. There’s a high probability that this link will take you to a fake site where it will record your details and use them to access your online accounts.

If you get an email from your bank, from the government, or from a shopping platform like Amazon stating unusual activity on your account, do not click on the link provided. Instead, if you’re concerned, exit your emails and access your online account directly to check if there are any direct messages within your account.

Read more about how to spot a mobile phone scam. 

6. Use antivirus and security apps

Using an antivirus app can help protect your smartphone from malicious software which could be used to access your personal information. Even though smartphones are less vulnerable than computers and laptops, there is still some risk. Considering the amount of things we use our smartphones for, even a small risk is potentially serious.

Well-known antivirus programs like McAfee, Avast and Panda have smartphone app versions which provide enhanced security by making sure that downloaded files, apps, PDFs and images aren’t infected with malware before you open them.

7. Avoid unofficial app stores and jailbreaking

Jailbreaking is the act of removing all the built-in restrictions on your smartphone’s operating system so you can install unofficial apps, themes, programs, and extensions on your device. People sometimes do it to customise their phones, improve battery life, or download and use apps that aren’t available in the official app stores. However, jailbreaking your phone can leave it significantly exposed to hackers.

If you jailbreak your iPhone and it malfunctions, don’t expect any sympathy from Apple. It will also void your warranty, and you won’t be able to get it repaired or replaced.

8. Download extra security software and/or a VPN

While most smartphones come with some security services like Android Device Manager and Find My iPhone, downloading additional security software is never a bad idea.

Apps such as ‘Prey Anti Theft’ won’t prevent your device from being stolen, but they could help you get it back. These security apps enable you to remotely take pictures with your smartphone camera, or sound an alarm which will go off even if the phone is set to silent.

It’s also a good idea to download and install a VPN (Virtual Private Network) on your phone. A VPN will allow you to make a secure connection through a private network when using the internet. This keeps your data safe and anonymous by assigning you a temporary IP address when you access websites. Essentially, they add an extra layer of protection between you and hackers.

Get a VPN with Surfshark.

9. Avoid public networks and charging points

Public Wi-Fi in places like cafes, airports and shopping malls is a convenient way to get online while you're on the move. However, these public Wi-Fi networks are, as the name suggests, public, meaning it’s much easier for others to access your information. (If you can’t avoid using public networks, then make sure you have a VPN installed for an extra layer of security.)

The same is true for charging your phone at public charging points in airports, stations, conference centres, and other busy locations. When you connect your device to a charging point via USB, the connection is also able to transmit data. This type of hacking is known as "juice jacking", when your phone is vulnerable to a security breach.

So instead of using an open USB charging point, remember to bring your charger with you so you can plug your phone directly into a power socket to charge.

10. Regularly update phone software

The constant stream of updates on your phone can be a bit frustrating, but smartphone software updates aren’t just for cosmetic reasons. Many of these updates and bug fixes contain improvements to your device’s security, helping you guard against data breaches and reduce your vulnerability to hacking attempts.

The longer you go without updating your phone, the longer you’re risking your data from malware or malfunction. So when there’s a new operating system update announced, be sure to install it straight away.

11. Start using two-factor authentication

You’ll start seeing two-factor authentication being incorporated into more and more sites that hold sensitive data. The extra step can seem a bit tedious, but double-checking that your identity is legitimate before allowing access to a specific account makes it significantly more secure.

You’ve probably used two-factor authentication to access banking websites, government websites or sites that verify your identity. The most common form of two-factor authentication is when you’re sent a time-sensitive code via text message. You’ll need to enter that code before you can access the designated account.

12. Avoid storing personal information on your phone

Your phone may seem like an ideal place to store notes, passwords, logins, and other personal information since you almost always have it to hand, but this can be very dangerous if your phone is ever stolen or hacked.

Make a habit of clearing sensitive information from your phone on a regular basis. Make sure to include the following:

• Private documents
• Confidential emails
• Screenshots of logins, passwords or personal information
• Notes with personal information
• Photos of private documents (e.g. photos of your passport or travel documents)
• Geotagged photos