There are conflicting statistics on the use of passwords to protect personal information on mobile phones. And none of the figures are encouraging.
The smartphones many of us carry allow us to buy things, search the Internet, do online banking and store personal information. Because many of us rely so heavily on the devices, they are attractive to thieves, who love to get their hands on as much of our personal and financial information as they can.
Protecting that data seems to be the last thing on our minds. An article on About.com (part of the New York Times) estimates that only half of all smartphone users protect their information with a password. The figure is just slightly better in the United Kingdom, where the security firm Credant Technologies figures that 40 percent of those who own smartphones use a password.
Credant’s survey reveals 80 percent of cellphone users in the U.K. store information on their phones that thieves could use to steal their identities:
• 16 percent store details of their bank accounts;
• 24 percent store their personal identification numbers and passwords; and
• 10 percent store credit card information.
The vast majority of our British friends (99 percent) use their phones for business purposes, even though 26 percent of their employers have told them not to. The prospects of business information being stolen are truly scary, as demonstrated by some recent computer hacks.
The possibility that your phone secrets could be stolen is not a remote one. Americans lost an estimated $30 billion worth of mobile phones last year, according to Lookout Mobile Security Co. Another security firm, Symantec, “lost” 50 phones to see what would happen. In 89 percent of the cases, a finder (or thief) tried to look at the owner’s personal data. Half the finders returned them. But someone accessed a “saved passwords” file in 57 percent of the phones, and in 43 percent someone tried to access an online banking app.
Prevent problems in case you lose your phone by doing several things:
• Use a strong password. Don’t use 123456, your birthday, “password” or something else a crook could guess. Combine capital and small letters, numbers and symbols if possible in a combination only you know.
• Wipe it clean. Most smartphones have the capability to be erased remotely, either by you or an information technology professional. All the major smartphone platforms offer this feature. Use it if you lose it.
• Lock it. If your phone offers full-disc encryption, use it. While not foolproof, it’s the best, most practical way of keeping your data away from prying eyes.
• Consider having a virtual private network, or VPN. This allows you to search the Web anonymously. If a thief ends up with your phone, your search data will be encrypted in a VPN instead of being accessible.
While using your phone, be as savvy as when using your computer at home. Thieves recently have adopted a topic known as “smishing,” which is sending automated voicemail messages to mobile devices. The more familiar term “phishing” involves sending hoax emails to computers.
The result can be the same, however. The automated voices can sound quite sophisticated, and warnings that “your account is in jeopardy” can seem alarmingly real. Be extra careful of any text message that contains a link; clicking it could make the information on your phone available to people you don’t know (and probably wouldn’t trust if you did).
For a good primer on smishing scams, visit www.dailyfinance.com/2012/05/30/smishing-scams-sorry-you-did-not-win-a-1-000-target-gift-card.
Consumer Forum is a collaboration of the Bangor Daily News and Northeast CONTACT, Maine’s membership-funded, nonprofit consumer organization. Individual and business memberships are available at modest rates. For assistance with consumer-related issues, including consumer fraud and identity theft, or for information, write Consumer Forum, P.O. Box 486, Brewer 04412, visit necontact.wordpress.com or email firstname.lastname@example.org.