Look around you today, and you will see that the smartphone revolution is happening faster than we can have a grasp of. At that pace, it is interesting to note that Android is leading the pack by a huge margin.
Of course, when we have amazing units like the Samsung Galaxy Note 10 Galaxy Note 10 Plus, Huawei Y9 2019, Tecno Pouvoir 3 Air and such other impressive devices from different OEMs, there would be a better penetration. However, this is not the post where we brag about how great Android is.
It is, rather, a wakeup call that the commonness of Android means hackers are targeting them far more than other devices since they stand to gain a lot from a successful breach of this platform. In this article, we explore a comprehensive list of tips to make your Phone a mobile stronghold
What is my OEM doing about this?
Honestly, device manufacturers have put in a lot of fail-safes to protect users against the basic forms of attacks. Due to other factors – human error, advanced attacks, et al – these attacks still happen.
For example, Google will send out security updates every month to patch up the security issues they found in the previous month. In the same way, they will publish a list of erring apps that you should get off your devices ASAP. Likewise, your OEMs will add extra layers of security on the skin of the Android software.
Unfortunately, all that is not enough against advanced attacks which can take diverse forms.
What can I do about this?
So that you are not only depending on the barebones security package which your Android phone brings with it out of the box, here are some tips to ensure that the piece of hardware on your hand doesn't become a personal threat to your data security and privacy.
1. Install Updates Religiously
This is a piece of advice that forks in three different ways. Before we go into all that, though, what makes updating your device important at all?
When developers send out an update to the already existing piece of software, they sometimes do so to improve the aesthetics of the device. This can be seen with the likes of Samsung rolling out the One UI update, or OnePlus fixing their custom skin for better effects.
More often than not, though, these updates have been sent to fix an issue. Now, this issue could be a user experience case or a security problem that holds dire consequences.
Putting things in context, WhatsApp once sent out a patch to fix a problem where an Israeli spy bug could be used to track all your communication. At the same time, Samsung recently sent out an update that fixed an issue on its Galaxy S10 devices which allowed just anyone to unlock the phones with a strange fingerprint.
Looking at this trend, you will see that it is important to:
Update your device firmware regularly
Update your apps regularly and
Upgrade your software once that becomes available.
Here, we should also mention the importance of buying from a manufacturer known to regularly update their units with the monthly Android security patch – as well as internal software bug killers too.
2. Never sideload apps
The first time you ever try to install an app from outside the Google Play Store, you will notice a popup notification against that. Should you strongly wish to install such an app, though, there are instructions on how to change certain permissions from your device settings.
Google is not doing this so that they can keep 'selling' apps on the Play Store, seeing as a large percentage of the apps there are free anyways.
All applications and games on the app store have been reviewed by Google's in-house team of software engineers and developers. They have also certified that these apps are safe for you and do not contain malicious code which could be used to take over your device or steal your information.
Thus, when you install an app from outside the Play Store, you are leaving yourself at risk of the above problems.
We believe there are just so many alternatives to consider rather than putting yourself at risk of downloading an app elsewhere. That brings us to the next point…
3. Only install trusted apps
Even though you are installing from the Google Play Store, that does not mean the app is safe.
Recall how we said Google's team looks at all the codes before allowing the apps and games to go live? Well, they are human too, and they will make a mistake from time to time. That is why we have had numerous cases of malware being smuggled onto the Play Store.
Of course, most of these are apps that would have looked suspicious to you anyways. Some are disguised to look perfect, but not all of them.
4. Download a Password Manager
It's a sad truth, but we are getting lazier with passwords every day.
The fact that phones like the iPhone X and its brothers come with Face ID, and a lot of Android phones now carry fingerprint unlock systems too, is contributing to this problem. After all, why set a strong password when you could just unlock your device with your unique face or fingerprint, right? Wrong!
Think about what happens when you leave your phone behind and someone hacks into it to copy sensitive information just by guessing your weak password.
Leaving that for a moment, online accounts also suffer from our poor password habits. Some of us set 8-character passwords – something Edward Snowden says can be hacked in mere seconds – and forget about it. Some of us even use the same password for multiple accounts.
Doing all that is setting one's self up for a fatal cyber breach.
With a password manager, you get to generate highly secure passwords which will take years to hack for every one of your accounts. Likewise, the password manager feature allows you to store these secure logins since they will be very difficult to remember. Problems solved!
5. Run from Public Wi-Fi networks
We – myself inclusive – love freebies. One of such freebies that holds a lot of appeal for us is free Wi-Fi.
This is the kind of network we see and instantly begin downloading all the series and movies we have had pending. With public Wi-Fi networks, we can finally check Instagram TV with reckless abandon without having to worry about data.
However, it is always said that nothing is free, even in Freetown. The same can be said of free Wi-Fi networks.
These networks are unencrypted, making it possible for anyone with the right access to see what you are doing online. That means they can intercept your internet traffic to gain access to your device, steal your credit card information from your browser, and much more. In continuation, you can fall prey to any of man-in-the-middle attack, rogue Wi-Fi network scams and much more.
Honestly, the best advice we can give here is that you stay off public Wi-Fi networks forever. If that is too much for you, consider investing in an Android VPN so that your connection stays encrypted even when using the relatively unsafe network.
6. Install an antivirus software
Before smartphones started getting mainstream, we used to have laptops and desktops around. One thing that they did come with out of the box was antivirus software, showing you how much the OEMs believe they are important to device security too.
Now, we cannot categorically suggest one kind of antivirus software to you since they usually have different strong points. However, there is a wide array of Antivirus Apps for Android out there that you can look at before making your choice.
As a recommendation, paid antivirus software is better than the free ones, since those only protect you against minimal threats. Likewise, your antivirus software should be updated as fast as possible since that is the only way you can always be prepared against the latest threats.
7. Avoid strange links
You might not know this, but phishing attacks are the leading cause of all internet hacks worldwide. The fact that they have been around for a while means they should have been eradicated, but hackers just keep getting smarter and smarter with it.
For those who don't know what phishing is, it occurs when:
You get an mail or SMS from a supposedly trusted company. Most times, this is a brand you know (such as a bank, company like Coca-Cola, etc.). The only problem is, the message has been faked to look like it's from the actual brand you know.
The message requires you to take action. This action could range from claiming a prize, updating a piece of account information to prevent loss of access and making payments for an order to just about any other thing.
Once you click on the link, you are taken to a lookalike website where your information (credit card details, login info, etc.) is required. Should you enter this information, it will be sent to the hacker.
These hackers can then use your information to access your real account, and there is no telling what they can do from there.
The best fix against phishing attacks is to be careful of strange links in your mail and SMS. When in doubt, refrain from clicking the links and type it out yourself in your browser. Likewise, know that no serious brand will ask you to update sensitive information online.
8 Use Find My Device
Most of you don't know this, but Google did something amazing when they added a neat little feature called 'Find My Device' to Android phones.
Do you know how you have to register a Gmail account with Android phones these days? This Gmail account acts as your online identity – recognizing you and the kind of phone you are using.
Should your phone get missing – and with this feature turned on – you get to find where the phone is on a map.
All you have to do is log in to the online Find My Device platform, log in with your Gmail and your phone automatically pops up – the name and model. Enabling the search option will display where the phone is on the map. If it has been turned off, you get the location of the last sync until it is turned on again.
The impressive thing about this feature is that you can force your phone to ring at the loudest volume. This is a great way to catch a thief if they are still in the vicinity. Interestingly, even if the phone had been set to silent, it would still ring loudly.
At the same time, you can use this feature to lock your phone remotely. Thus, the person who took it won't be able to get into the phone – even if they knew your normal device password.
In the uneventful case that all hopes of getting the phone is lost, Find My Device also allows you to wipe all the data on it remotely. This way, you can be rest assured your sensitive files and data won't be hacked by the person with the phone now.
That is some list, don't you think? This shows you that a lot has to still be done on your part to ensure your phone – the data, content and sensitive files on it – remains safe. After your OEM has done its part, that is. Which of these tips do you find the most useful? Let us hear your thoughts down below in the comments section.