Why You Should Do More to Secure Your Smartphone

×
Most Americans don't secure their smartphones
Lintao Zhang/Getty Images
By Herb Weisbaum | @TheConsumerman

If your cellphone were lost or stolen, you'd probably freak out, right?

Just think of all the sensitive personal information that's on your mobile device: contacts, passwords and PINS, maybe credit card or bank account numbers. And what about all of those personal pictures and texts -- maybe a bit too personal, that are stored on that device. Would you want someone else to see them?

And yet, most people don't take even the basic steps to secure their mobile device. A new nationwide survey by Consumer Reports found that 34 percent of all smartphone owners do absolutely nothing, not even a simple code to lock the screen.

"This is one of the reasons why so many people's accounts get hacked when their mobile phone is lost or stolen," said security expert Robert Siciliano with BestIDTheftCompanys.com. "When the device is not password protected, anyone who finds or steals it has direct access to all of your accounts that automatically log-in as soon as an application is launched."

Consumer Reports found that only 36 percent of the smartphone users have set a 4-digit PIN to lock their phone.

"Four digits are better than nothing, but the strongest passcodes have at least eight digits in them and have a mix of letters, numbers and symbols," said Mike Gikas, a senior electronics editor at the magazine.

Even fewer people take more aggressive measures to protect the data on their phone, such as:
  • Install software that can find the phone if it's lost: 22 percent
  • Install an antivirus app: 14 percent
  • Use a PIN longer than 4 digits, a password or unlock pattern: 11 percent
  • Install software that can erase the data on the phone: 8 percent
  • Use security features other than screen lock, such as encryption: 7 percent
"I'm not surprised by these low numbers," said Timo Hirvonen, a senior researcher at the global security firm F-Secure. "Most people don't see the need for security on their mobile devices. This is very short-sighted considering the kinds of information people have on them and access with them."

The world is going mobile -- and so are criminals.
That smartphone you carry around with you all day long is now a lucrative target for cyber-thieves who want to gain access to your personal information.

"That smartphone is a computer, like any other, and there's just as much risk of being a victim if you don't take the proper security precautions," said Alphonse Pascual, a senior analyst for security, risk and fraud at Javelin Strategy & Research. "Criminals are targeting those devices and people need to understand that."

Malware is a very real threat, especially for Android devices. The same type of viruses and other malicious software that can infect your desktop or laptop -- and spy on everything you do – are now being launched at mobile devices.

"They can record your user names and passwords, the websites you visit, the text messages or emails you send and receive -- it's pretty scary," Siciliano said. "You need to protect your mobile devices with antivirus, anti-spyware and other security software."

Here are some other things you can do:
  • Set the phone to lock after one minute or less.
  • Does your phone have a setting that will erase all the data if there are too many -- typically more than 10 -- unsuccessful attempts to enter the password? If so, enable it.
  • Update the operating systems, apps and programs as soon as you are notified. These updates often contain security enhancements and patches for vulnerabilities.
  • Use a "find my phone" app that lets you locate the phone if it's lost or stolen and erase all the data remotely.
  • Stick with trusted app stores. This won't guarantee "clean" software, but it will greatly reduce the risk.
  • Don't click links in an email, text or social network on your mobile device. It could lead you down a rat hole.
Consumer Reports estimates that more than 4 million smartphones were stolen or lost (and never recovered) last year. Should this happen to you, change the passwords and PINs on all of your accounts. If you use your mobile device to shop or bank, contact your financial institution and credit card companies. You should also file a police report. You may need this to dispute fraudulent charges on your credit or debit card account.

The editors at Consumer Reports have just published 5 Steps to Protect Your Smartphone from Theft or Loss.


More from CNBC


Increase your money and finance knowledge from home

Goal Setting

Want to succeed? Then you need goals!

View Course »

Managing your Portfolio

Keeping your portfolio and financial life fit!

View Course »