Protect Your Cell Phone From Hackers | Best Practices

Image by Thomas Ulrich from Pixabay

Physical Access

Keep your phone with you at all times, never leave it unattended when you in public. A hacker can easily install a malicious app in less than a minute. If you walk away from your phone for any reason, this is an opportunity for somone to take advantage.


Passwords & PINs

Use complex passwords or PINs. Do not use easily guessable passwords like “password123” or “123456”. As well as not using PINs like “1234” or “0000”.

Another no-no is to use the same password or PIN on your screen unlock and your apps. You should be using unique passwords for your apps/accounts. Use a password manager to keep track.


Find My Device

Both Apple (IOS) and Google (Android) have a “Find My Device” app to help you find your device. The app can also lock your phone, make your phone ring, and even erase your phone.

Google – Android

  1. Go to android.com/find and sign in to your Google Account.
    • If you have more than one phone, click the lost phone at the top of the screen.
    • If your lost phone has more than one user profile, sign in with a Google Account that’s on the main profile. Learn about user profiles.
  2. The lost phone gets a notification.
  3. On the map, you’ll get info about where the phone is.
    • The location is approximate and might not be accurate.
    • If your phone can’t be found, you’ll see its last known location, if available.
  4. Pick what you want to do. If needed, first click Enable lock & erase.
    • Play sound: Rings your phone at full volume for 5 minutes, even if it’s set to silent or vibrate.
    • Secure device: Locks your phone with your PIN, pattern, or password. If you don’t have a lock, you can set one. To help someone return your phone to you, you can add a message or phone number to the lock screen.
    • Erase device: Permanently deletes all data on your phone (but might not delete SD cards). After you erase, Find My Device won’t work on the phone.
      Important: If you find your phone after erasing, you’ll likely need your Google Account password to use it again. Learn about device protection.

Tip: If you’ve linked your phone to Google, you can find or ring it by searching for find my phone on google.com.

Apple – IOS

See it on a map
  1. Open the Find My app.
  2. Choose the Devices or Items tab.
  3. Select the device or item to see its location on the map. If you belong to a Family Sharing group, you can see the devices in your group.
  4. Choose Directions to open its location in Maps.
Play a sound
  1. Open the Find My app.
  2. Choose the Devices tab or the Items tab.
  3. Select your missing device or item, then choose Play Sound. If your device is offline, it won’t play a sound until it connects to a network. If the AirTag attached to your item is out of Bluetooth range, your AirTag won’t play a sound until it’s within range. 
Mark your device as lost or turn on Lost Mode for your item
  1. Open the Find My app and choose the Devices tab or the Items tab.
  2. Select your missing device or item.
  3. Scroll down to Mark As Lost or Lost Mode and select Activate or Enable.
  4. Follow the onscreen steps if you want your contact information to display on your missing device or item, or if you want to enter a custom message asking the finder of your missing device to contact you.
  5. Select Activate.
Erase a device
  1. Make sure you try the steps above to recover your missing device—this can’t be undone. 
  2. Open the Find My app and choose the Devices tab.
  3. Select the device you want to remotely erase.
  4. Scroll down and choose Erase This Device.
  5. Select Erase This [device].

Avoid Using Public Wi-Fi

Using Wi-Fi at coffee shops, hotels, events, or any other public location can be risky.

When you connect to these networks, you and everyone else connected can now see each other’s devices. A hacker can spy on your connection and gather sensitive information about you.

If you have to use public Wi-Fi, then I highly recommend using a VPN.


Apps

Only install apps from reputable companies. Before installing any app, look at reviews and research the app or company before installing.

Do not sideload or jailbreak your phone to install apps, this only increases your chance of installing malware or a virus. These malicious apps can collect your personal information to be used to gain access to your accounts and/or send you a phishing text or email.

When you install an app, it will likely request access to various items like your camera, contacts, location, etc…

Only allow access to items you know it will need, otherwise disallow access. It’s also good practice to review app permissions on a regular basis. This is a good time to uninstall apps that you don’t use as well.

Here’s how to check permissions on apps you have installed:

Android
  • Go to Settings > Privacy > Permission manager
  • You will see a list of device features, click on one of them to see which apps have permission
  • Adjust appropriately
IOS
  • Go to Settings > Privacy > Permission manager
  • You will see a list of device features, click on one of them to see which apps have permission
  • Adjust appropriately

Keep Apps & OS Up to Date

Most phones will automatically update, but they may not be getting updates if your phone is a few years old because it is not supported anymore. If you do have an older phone, you may consider getting a newer phone.

Iff you don’t want to replace your phone, then minimize your activity on your phone. Don’t do anything with sensitive information like online banking or logging into your email.


Additional Tips

  • Disable the “smart unlock” feature. Some devices allow you to automatically unlock itself when your smartwatch is nearby or you are in a defined location, like home or work.
  • Avoid using public charging ports. Hackers can place a compromised charging port that can attempt to gain access to your phone data, record your screen, keylog any buttons pressed.
  • Disable “Allow Siri When Locked” function. Settings > Siri and Search > Disable the Allow Siri When Locked
  • Enable two-factor authentication. Use 2FA on your accounts. This is a second verification method after you enter your password or PIN. find out more on 2FA
  • Enable screen timeout. Set your screen timeout to 10 seconds or less & have it lock once the screen times out.

Share your love