Imagine a future in which tiny drones hover almost silently over your home, hacking into your cellphone and stealing data that could be used to sap your bank account or create a fake "you" complete with credit cards and mortgage loans.
Science fiction? Nope. Meet Snoopy, an unmanned aerial flying machine that has been hovering over London testing technology that takes ID theft to another level. The device scans for smartphones whose Wi-Fi connections are left open and searching for familiar routers like Starbucks or McDonald's to which you have previously connected. The little bugger then pretends to be one of those familiar providers and tricks you into connecting, opening up your phone for a thief to steal passwords, contacts and other critical data.
This ingenious attack is just the latest escalation in the modern data security arms race. Large-scale hacks of corporate databases containing consumer information as well as surreptitious access to individual communications represent the latter-day cyber version of going through your trash. But you can reduce the odds of becoming a victim of an attack on your cellphone by taking some simple precautions and thinking about what your online footprint actually looks like.
First, protect your phone and important data thereon from physical theft. Use a pin or password to lock your phone. All new smartphones come equipped with the option to require a password or code number in order to unlock the device. In addition, apps are available to require fingerprint scans to unlock, and to wipe the phone clean of data and reset to factory defaults after a specified number of unsuccessful attempts.
If you must retain sensitive data on your device, consider purchasing a proximity detector and alarm. These gizmos are small electronic fobs for a key ring or purse that trigger an alarm if the phone travels beyond a certain programmable distance from the detector. Users can choose to remotely wipe data if desired, and exclusion zones can be programmed within the perimeter of your home or other secure areas.
Next, take steps to shield your smartphone from hacks while in your possession. Install a good mobile phone antivirus program. Basic versions are available for no cost from most cellular providers, and premium upgrades can provide enhanced security for a nominal fee. Hackers can sneak in through your mobile Web browser just like on your desktop, so make every effort to lock them out.
If you complete financial transactions on your mobile device, be certain to log out before leaving the app. And avoid storing or remembering any login IDs or passwords; always start a new session from a blank screen. Inconvenient but much safer.
The reports of the Snoopy drone offer a lesson in good wireless hygiene. Always disconnect from any Wi-Fi services and disable the Wi-Fi capability when you are finished surfing. That goes for Bluetooth functionality as well; these are like flashing beacons signaling to nefarious data thieves that your files are open for inspection.
Finally, think carefully before allowing social media apps to vacuum up personal information about you. Hackers can easily glean from your Facebook account valuable personal info like birthdates and addresses that can assist in setting up false identities when combined with a stolen Social Security or credit card number. And ask yourself if sharing your location is really such a great idea. It broadcasts to the underworld the fact that you are away from home and discloses your present location.
The battle for wireless security has been joined and the enemy is well armed. Time to reinforce the ramparts.
Christopher A. Hopkins, CFA, is a vice president and portfolio manager for Barnett & Co. in Chattanooga.