Your mobile phone has some built-in security features. For example, Android runs 2.5 billion devices with an operating system and built-in safeguards. The iOS iPhone likewise employs passcode and touch/face ID to prevent unauthorized use and automatic data encryption. Both Android and Apple’s iOS provide regular security and operating updates.
Traditional viruses don't work on smartphones
The good news is that neither platform is susceptible to traditional virus infections. Those viruses are not designed for and cannot operate within the PC and Mac systems' programming parameters.
However, there are worse threats than viruses
Even though there is no such thing as a "phone virus," there are much higher risks where your mobile device can be targeted through:
- Malicious apps downloaded to your smartphone to leak and steal personal and business data
- Malware from attachments or links in a text message (i.e., "smishing")
- Content downloaded from the internet while attached to a Wi-Fi network (man-in-the-middle attacks)
About those threats…
Malicious apps can go after your data and take over your phone.
While Google and Apple have safeguards against hosting and allowing users to download malicious apps, you should still be wary of doing a bit of independent research before downloading new apps.
Android has lately been plagued by malicious apps hosted in the Google Play Store. Researchers at Avast found 47 apps on Play Store with stealth features and intrusive ads. They employ a family of Trojans disguising themselves as games but end up as disappearing icons with hidden ad generators displaying popup ads without the user's permission.
Smartphone Smishing dupes users into downloading harmful malware.
Smishing is like phishing, except, instead of baiting the hook with email, fraudsters use instant messages to the victim's smartphone. The goal is to trick you into opening an attachment or clicking on a link to route you to a fraudulent website that will open the door to a variety of problems.
Your smartphone can be the gateway to infected internet data in a MITM attack.
With the proliferation of free public Wi-Fi hotspots nowadays, it is tempting to conserve data and plug into Wi-Fi for free. The main problem with public Wi-Fi is that it is insecure. If you sign on without the protection of a VPN, you expose yourself to a so-called "man-in-the-middle" (MITM) attack.
Think of a MITM as a spy who can listen to everything you are doing on the internet. You could be in an airport or coffee shop doing banking or credit card transactions on your smartphone. The MITM could jump in and send you a bogus warning message and ask you to reverify your login credentials.
So, your best bet is never to log into an unsecured public Wi-Fi service unless you are using a mobile VPN service. The VPN masks your presence and tunnels your data through an encrypted connection to a remote server.
Steps you can take to protect your smartphone privacy
As mobile devices become bigger targets for hackers and given their susceptibility to loss or theft, you can take positive steps to keep yourself safe from hackers, thieves, and bad luck. Here are some suggestions:
1. Set an easy-to-remember, but hard to crack the password to open your phone and access sensitive apps. Android devices automatically wipe the phone's data after ten failed attempts. In iOS, users can turn on this feature. Both cases provide a self-destruct insurance policy.
2. Set your phone to lock when not in use automatically. Choose the shortest time allowed to have your phone go into the sleep mode, requiring your passcode to open it. This is a smart security practice if you are distracted and forget to put your device to sleep. Also, it saves your battery.
3. Don't neglect those OS updates. Make sure your phone has the latest operating system updates. Those updates are typically security patches and system upgrades in response to newly discovered threats and security weaknesses.
4. Watch those downloads. As previously mentioned, downloading apps can be hazardous to your smartphone. Never "sideload" apps by bypassing the Google Play or Mac App stores. Do some additional research to make sure the app provider is reputable and trusted.
5. Protect your data—encrypt it.
Smartphones hold tons of data. Lose the phone, and you are exposing much of your social and business life. Your phone has encryption settings that can be enabled in the security menu.
For Apple devices, data encryption is enabled when the passcode and face/touch ID is set. To encrypt an Android, the device must be 80% charged and, if necessary, unrooted. The Android can be encrypted in the security menu.
Caution: Make sure the Android device is sufficiently charged. If you don't unroot it or interrupt the encryption process, you could lose all your data.
Install anti-malware and VPN software. Think of your smartphone as a pocket-sized computer that does everything your desktop or laptop can, but on a small screen, requiring the same additional protection.