printer friendly version

Securing your mobile life

Smartphones and tablets have become normal accessories to most people, to the extent that it isn’t unusual for someone to have more than one device and/or SIM card for different purposes. And while the utility of these portable devices is immense, this normality has resulted in many people putting themselves at risk in their day-to-day use of these gadgets.

Ilonka Badenhorst, GM of the Wireless Application Service Providers’ Association (WASPA), explains that cybersecurity is not top of mind when people use their mobile devices. Some people have the misconception (as many do when using computers and laptops) that if they have an antivirus application on their system then all will be well.

In the mobile space, as in the general IT space, the biggest risk we face is the human factor. This applies to devices used for business as well as personal use. Badenhorst says most risky activity is a result of ignorance or carelessness. For example, loading any app that looks interesting and granting it all the permissions it asks for without asking why.

This is a sure way to find yourself infested with adware or spyware, at the very least. Users can also find themselves infected with malware that automatically attempts to infect their contacts, or ransomware that can encrypt their device until they pay a fee.

With billions of devices connected to the Internet, allowing unrestricted access to your gadgets is a recipe for disaster. Even smartwatches are connected to your phone and can be targeted, and smart home devices are just as vulnerable. Even an SMS can be risky as a message can be faked to look like a legitimate message from your bank or local tax authority.

Needless to say, if your device is also used for business, careless personal use can put your company at risk.

What to do?

Badenhorst explains that there are some simple, non-technical actions users can take to secure themselves. While not an exhaustive list, the following should be standard practice:

- Lock your devices with a password or PIN, and/or with the biometric options available. This will prevent unauthorised access.

- Download apps only from the official app stores. Moreover, even when getting an app from those stores, pay attention to the permissions. It’s quick and convenient to simply say yes to everything, but the risks are high. Ask why. Why does this app want access to your location or contacts? Is the permission necessary for the app to work?

- Take care when receiving messages that try to persuade you to click on a link. If the message tries to create an emotion, like excitement or fear (like an unauthorised login to your bank account), think twice. If you have to click on a link to log into your bank or SARS, type the link into your browser yourself rather than blindly following the link.

- When accessing a website, make sure it is the correct site and not a fake one designed to collect your login details and other personal information.

- Also ask why if you get a message on email or SMS that tries to get you to quickly do something to prevent something bad happening. For business people, if your boss requires you to do something in a rush, something out of the ordinary such as making a payment immediately, you can always call to confirm.

- Regularly check your bank account, credit card and mobile account statements for unusual deductions.

Stopping the spammers

Another frustration many have to deal with is SMS spam. This is legal, but annoying. If you want your number to be removed from the spammers’ contact lists, Badenhorst says you can go to the WASPA website (www.waspa.org.za). Most ethical companies are registered with WASPA and if you enter your number on the ‘Do Not Contact’ list (https://dnc.org.za/), the spam will cease. If it doesn’t, you know the company concerned is not registered with WASPA, or if it is, you can contact the association and they will take it further.

The consumer support section of the WASPA website also allows consumers to contact the association and lodge a complaint (if a company is registered but does not respect the Do Not Connect request, for example). Other support is available at www.waspa.org.za/consumer-support/

Share this article:

Further reading: