Mobile Devices: Protect and Defend – Part 3

The Risks of Connecting to the World 

In the first two parts of mobile device fraud, risks associated with physical and communication exposures were reviewed. In this final portion, connectivity risks will be explored and risk management tips offered to help mitigate exposures.

The nature of technology today allows devices to connect through multiple networks, systems and even accessories. Scammers and hackers have engineered ways to take advantage of the vulnerabilities present to steal data or even take control of devices. Through location tracking, open WiFi, and Bluetooth connections, exposures to fraud exist.

Location tracking through Global Positioning System (GPS) is used to provide locations for navigation apps, weather updates, Amber Alerts and Facebook updates. Updates to social media provide information about where you are – or aren’t – and can be used against you. This information helps scammers identify patterns about where you visit and when, your routine, and the location of your house, work, kids’ schools, church, etc. Blocking this information helps to reduce your social media footprint, and can be accomplished by turning off the camera geotagging function, turning off GPS or location services when not being used, and turning-off automatic check-ins to be selective about what is shared.

Beware of Public and Rogue WiFi Connections

WiFi networks work by allowing connection to free, or open-access, hotspots. Many businesses or organizations offer access, but these open-access connections are not secure. Hackers can tamper with this access, and gain access to user activity and data. Rogue WiFi networks, known as “evil twins” are becoming more and more popular. These networks appear legitimate and mimic real WiFi networks nearby (YMCA Member WiFi instead of YMCA WiFi). Being tricked into connecting to a rogue hotspot allows hackers to snoop on your activity or expose the device to malware. To avoid this exposure, turn off WiFi when not in use to control access, and don’t allow devices to “automatically connect.” Ask for confirmation from an employee for the name of the WiFi network if you’re unsure, and don’t enter personal information unless using a secure website (https). Finally, avoid shopping and banking on public WiFi networks.

Don’t Unwittingly Connect to Bluetooth Hackers

Bluetooth, often called “handsfree connectivity”, allows the user to interact with a device through a car, headphones, speakers, and other accessories as the Internet of Things becomes more prevalent. When Bluetooth is activated (discoverable) the user can connect (or pair) with these other devices. Every time a user connects, something or someone is being granted access to the device. Hackers can use Bluetooth signals to find your device and communicate through the electronic conversation taking place. Successful Bluetooth hackers send unsolicited messages, can view content on the device, and in some situations can take control of the device putting personal or business information at compromise. To keep safe from these hackers be sure the device does not activate Bluetooth when not in use (turn Bluetooth off). Users should never accept pairings with unknown devices, and when ending a connection the users should know how to clear shared data when finished (rental cars are a perfect example). Like all things electronic, updates should be performed regularly to ensure protection from the latest known threats and to address bug fixes.

Make Sure Your Financial Institution Clients Have the Right Coverage

Make sure your customers have the right insurance coverage from the Financial Institution experts, Berkley FinSecure.  Contact any one of us below for help in making sure your FI customers are protected!

Experts focused on your protection.

We deliver.