We use them to find partners, connect with friends and family; we stalk our exes, we capture unforgettable moments with them. They’re our encyclopedias, our DIY guides, our calculators, our diaries, our private DJs. Our phones are such a central part of our daily lives, it’s no wonder then that, according to researchers, the average person taps, swipes and clicks their phone more than 2,000 times a day. All of this makes your mobile device the easiest way for fraudsters to access all the personal data they’re after.
For your mobile phone to keep you connected to the world – and the world connected to you – it contains a lot of personal information, particularly if you use it for banking. It’s important to keep this incredible tool, and the information stored on it, safely out of the hands of fraudsters.
How can fraudsters use your cellphone to access sensitive information?
There are many different ways that fraudsters can use your mobile phone to access sensitive information.
Snatch and grab:
Thieves snatch a phone out of a user’s hand in the hope that it is unlocked and applications are open. They will then gather as much sensitive information as they can to access your bank accounts.
Mobile phones, mobile banking apps and any device or app that stores personal information – especially payment details – are designed and continuously updated with your security in mind. This is one of the reasons why cybercriminals focus on scamming people instead of trying to hack into phones using the following techniques:
- Vishing: A cybercriminal will pose as an agent from a legitimate organisation to try to convince you to transfer money over the phone or to share a One Time Pin (OTP).
- Phishing: Attachments are sent to you that appear to come from genuine companies but are fraudulent and are designed to get you to share sensitive information, such as personal details and passwords.
- Smishing: This scam uses an SMS to trick you into sharing sensitive information, such as PINs, passwords or OTPs.
- Shoulder surfing: We all know how important it is to protect our PINs at ATMs, but the same is true of mobile phone login details. ‘Shoulder surfers’ will pay careful attention to your logins at restaurants and other public areas.
Hacking your phone: If social engineering doesn’t work, there are many ways to sneak malicious software on to mobile phones as well.
- Downloading malicious apps: The most common method hackers use to spread malware is through apps and downloads. Malware, or malicious software, is designed to steal sensitive data. Download the official TymeBank app to prevent yourself from using any malicious apps when cellphone banking.
- Opening suspicious emails: If you access your personal or business emails through your mobile device, and if you then open suspicious emails and click on the link, hackers can install malware on your phone.
- Using non-secure wifi: Using unsecured wifi opens you up to ‘man in the middle attacks’. A cybercriminal on the same wifi network can eavesdrop on your device, transferring data and even collecting logins and account information if you open your banking app.
How to keep your info (and your cash) safe
Scary stuff, right? While our phones may be the targets of society’s dodgiest, there’s no reason you shouldn’t use your phone to organise your life (and that includes banking!). You just need to be smart about how you use it and take certain steps to protect yourself. Here’s how.
Keep it locked
Having a passcode may raise the eyebrow of a jealous partner, but more importantly it adds a layer of security between yourself and any fraudster who may get their hands on your device. Lock your phone with a passcode, facial recognition or fingerprint. And don’t use the same code to unlock your phone as you have for your PIN.
Keep your private info private
Don’t share your passcodes with anyone; don’t save your passwords on your phone (particularly PIN numbers or online banking details) and only ever use your own device to log in to your banking. Using another device to access your banking requires your passcodes, which can then be accessed by a crafty fraudster.
Be smart about your apps
Update your phone’s operating system regularly. Operating systems and apps are continually being updated to protect you from cyber criminals. Stay up to date to keep them out. Only download apps from Apple and Google’s app stores. These apps are verified and it’s rare for a malicious app to slip through. If one does, it is quickly discovered and removed. Don’t download apps from websites.
Do some housekeeping
There are apps that will erase your phone’s contents if it’s stolen. Also, remember to completely wipe the contents of your mobile device when you upgrade or sell it.
Don’t click on suspicious links. If an email or SMS looks suspicious in any way, delete it immediately. Something else to be wary of is using public wifi. If you must use public wifi, use it as quickly as possible, don’t do any banking or open sensitive apps, and don’t use wifi that requires no passwords at all. Of course, you also need to keep your phone secure in a handbag, backpack or zipped pockets – pickpockets are everywhere.
Don’t overshare with strangers
Good life advice, sure, but it’s also true for keeping your personal info safe. Verify any phone calls requesting sensitive data. If you receive a call asking for banking details or any sensitive information, end the call, find the company’s legitimate number online (not the number you received the call from) and verify it. It’s also important to remember that TymeBank will never request sensitive information, PINs, OTPs or any other details via phone, SMS or email.
Remember, TymeBank is serious about security. We keep your money safe with regular security updates and we verify transactions using OTPs to make sure it’s really you spending your money.
If your phone is lost or stolen or you receive a notification that you didn’t request (such as an OTP):
Contact us immediately on 0860 999 119 to block your bank account and deactivate your digital banking profile. And DO NOT share that OTP with anyone.
You should also then contact your mobile service provider to block your SIM card and handset to prevent criminals from getting any One Time Pins for fraudulent transactions.