Identity Theft Dangers on Your Real-Life Device
Identity theft relies on the collection of personal information and private details from an unsuspecting victim and their real-life device.
This information is collected through sophisticated techniques that include website & e-mail spoofing, card cloning, false password recovery, account hacking, spam sending, spyware installation and social engineering – but techniques do not always have to be sophisticated or occur online.
Billions of people use a smartphone every day. We access our social media, we log into our banking platforms, we order food for delivery, we absorb content and we speak to our friends, family, and enemies.
When a smartphone changes hands from one owner to the next, it is not just the phone that goes to the new owner; it is everything you have ever accessed, saved, or thought to look up.
Would you like to sell your used smartphone – or has your phone been stolen and changed owners without your permission? Here is what you should know about protecting your data.
What is in a Device?
Devices are data banks that can contain access to an entire lifetime of information, and almost everyone owns a smartphone.
Identity theft used to be cumbersome and require the slow, deliberate gathering of information through a variety of combined techniques. Today, all a scammer would need to access the same information is access to someone's smartphone – and they might even end up with some extras, like an entire list of contacts to exploit from there.
Has your smartphone been stolen? Then your information might be at risk.
Have you thought of selling your smartphone instead? While this is a voluntary choice you will get paid for, the same is true when it comes to your information. ("The dangers of selling your smartphone second-hand in South Africa"; MyBroadband.co.za)
Sale Protection: When Selling Your Smartphone
Selling your smartphone?
Preventative measures are best when you would like to put an old phone on the market. Safety measures are also advised when meeting a buyer (or seller) in person – including arranging a meeting in a central, public location during a reasonable time of day.
Here is how to better protect the information that has been held on an old device from ending up in the wrong hands:
- Restore to Factory Settings:
Sending your phone back to factory settings means the deletion of saved information and settings the phone might hold. It brings the device back to the “out-of-the-box” parameters – and usually removes saved caches, history, and files. There is usually a specific setting or key-combination to trigger this; research your individual device model with the words “factory restore” to find out how.
- Remove Data Cards:
Many people have sold their devices only to realize later that they had left their memory card in the phone. Usually, it is too late to get this information back – and by then, it could have been copied or transferred a thousand times over. Always remember to check a phone you would like to sell to ensure that you did not forget any memory cards in the device.
- Log Out Accounts:
If you've used your device or browser with any accounts (including banking, social media and cloud services), make sure that you've logged out all of your accounts – from all of the different browsers that you might have used. Forgetting to log out is one of the most common mistakes out there, and one of the most common ones that identity thieves can exploit just because it is there.
- Log Out (All) Accounts:
Once you imagine that you have logged out of all the accounts, double check. A great deal of smartphones keeps Accounts (like Gmail) under Settings – and logging out of your browser could still leave some of these services logged in without realizing it. Factory settings should erase this by default, but it always helps to check.
- Remove Your Apps:
While going back to factory settings should also remove all apps on your device, double-check before letting it out of your sight. Settings > Apps should show any apps that are still installed just in case anything was missed.
- The File Manager:
A lot of forgotten data can also lie hidden in a phone's file manager – often the first place a would-be scammer would go to dig for more. Downloaded files hide in the File Manager, available for access under the phone's main Settings. Always check it, and always make sure that no files betray your personal information here even if you have cleared everything else.
- Keyboard Settings:
Check your keyboard settings, too. (That's the gear button on the keyboard itself, usually.) The keyboard settings can contain a record of everything you have typed on the device – and might also contain additional data like e-mail addresses that were frequently typed in through to a heat map of what you've typed most. Factory settings should clear this, but it is another setting to always check.
Stolen Smartphones: What Next?
A smartphone can be stolen in a myriad of ways, but all these different ways will have one element in common: suddenly and at some point, you will realize that your smartphone is not where you remember.
If your smartphone has been stolen, here is what to do:
- Enable Passwords (Beforehand):
If your smartphone is locked with a voice print, a fingerprint or a pass-code, it's naturally harder to break into – and while this isn't going to stop a more advanced scammer from accessing anything, it might cause a delay that makes them a little easier to catch while giving you time to save your information.
- Opening a Case:
Open a case and make a statement. Once a device has been stolen, the information might be at risk – and a statement of events sets this having happened in stone and can be referred to later should this become important after identity theft has occurred.
- Find My Phone:
Smartphones have many ways to locate themselves; iPhones have the Find My Phone feature, while Google users can track the location of their smartphone live should they have this setting enabled. Do not put this information to use for vigilante justice: instead, forward this information to law enforcement authorities to aid them in tracking the suspect.
- Logging Out:
The majority of online accounts have an option to log out of all signed-in devices. This is the first thing you should look for (on any accounts that you can remember) should a smartphone have been stolen. It is one of the first things that can protect scammers from accessing anything.
- Remote Switch-Off:
Many smartphones makes can have an app installed for remote switch-off, does yours? It should! With the original receipts and details found in the device box (and usually, a case number of an official theft having occurred), a device can be remotely switched off by contacting the manufacturer, network or regulatory authority for devices in your country. (This can render the stolen device useless to a scammer, but only if you have the original purchase information on-hand.)
This is a guest post by Alex J Coyne.
IT GOVERNANCE LIMITED DISCLOSURE: Identity-Theft-Scout.com is participating in the IT Governance Limited Affiliate Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to their affiliate platform.