Every day, millions of Americans use their electronic devices while out shopping, having coffee, or changing planes, often without a thought about the wireless networks they’re using. Unfortunately, those networks could be making everyone’s favorite devices vulnerable to viruses or malware attacks.
For example, in the summer of 2015, flaws were discovered in both Apple and Android devices that could allow hackers to install harmful malware on a phone without the user even being aware that the phone had been compromised.
iPhones and MacBooks
A serious vulnerability was found in iOS 8.4.1 (for iPhones) and OSX Yosemite (for MacBooks) that allowed hackers to access and install malware via the Bluetooth-enabled feature Airdrop. If a hacker is in range of your device, all he or she had to do is drop the malicious app onto it, without your knowledge or permission, using a wireless network. Then, the malware simply installed itself the next time you turn on the device.
Thanks to Apple’s design, the amount of user data to which a hacker could gain access to is limited.
Even so, hackers might be able to track the location of your phone or make in-app purchases through your iTunes account.
Here are two simple steps you can take to help protect your iPhone or MacBook from attack:
- Upgrade your iPhone to the iOS 9 operating system, which includes a fix for this problem.
- If you don’t want to update your MacBook’s operating system, disable Airdrop or your computer’s Bluetooth feature to help keep your device secure.
Android devices recently had their own set of security challenges. A security analyst in Texas discovered a simple way to bypass the lock screen on his own phone, which was running the widely used version 5 of the Android OS. Although a hacker would have to be in possession of the phone to bypass the screen, the weakness can allow easy access to all of the apps and data the phone has to offer.
This discovery came on the heels of another flaw, called Stagefright, which is even more dangerous. A mobile security researcher at Zimperium Labs found that the Stagefright flaw exposes devices via text messages that send a video file containing a piece of malicious code to a ’victim’s Android device. Because Android phones begin to process video automatically, hackers could use this tactic to steal data or take control of apps.
Here are some steps you can take to help secure your Android devices:
The lock screen bypass
- Don’t leave your phone unattended. A hacker has to have your phone in his or her possession to bypass the lock screen.
- If you currently use a password to protect your phone, you might want to change to a PIN or pattern instead.
- Some phone carriers have issued a patch for this problem, so always keep your device’s software up to date.
- Check with your carrier to see if it has issued a software update to fix this weakness. If so, follow the carrier’s instructions to update your device.
- If your carrier doesn’t yet have an update, look into how you can take steps yourself to disable the automatic download function that allows Stagefright to obtain access to your phone.
Protect your wireless network
Although updating the software on all of your devices can provide an important layer of protection, the best strategy to help protect your devices is to keep your own wireless network safe and secure. You can do so by taking the following steps:
- Encrypt your wireless network.
- Confirm that your router is secure.
- Limit outside access to your network.
- Ensure that your network is secure during mobile access.
Taking these steps now may help you keep your favorite mobile devices free of viruses and malware, both at home and on the go.
The information contained in this blog post is designed to generally educate and inform visitors to the Equifax Finance Blog. The blog posts do not give, and should not be assumed to provide, personalized tax, investment, real estate, legal, retirement, credit, personal financial, or other professional advice. Before making any financial decision, you should always consult with the appropriate professionals who can explain your options, rights, and legal responsibilities, and advise you on any tax, legal, credit, or business implications that may result from those decisions. The views and opinions expressed by the authors of blog posts are their own views and may not be the views or opinions of Equifax, Inc. and/or its affiliates.