During a time when our smartphones are extensions of ourselves, mobile security has never been more critical, but mobile threats continue to evolve at an alarming rate.
According to recent statistics, there were 7.78 million cyber attacks in the UK alone over the past 12 months, with reported losses of £91.2m to London’s citizens and businesses in the six months to September last year.
It’s thought that 53% of businesses are being targeted at least once a month, and the average cost of the most disruptive breach for medium and large London businesses stands at £10,830.
Mobile devices are particularly vulnerable, with 30% of known zero-day vulnerabilities targeting these platforms.
Phishing remains a major concern, accounting for over 80% of reported security incidents.
Additionally, an average of 24,000 malicious mobile apps are blocked daily on the internet.
Given these sobering statistics, here are lesser-known strategies to enhance your mobile phone security, addressing specific threats along the way.
Enable SIM card lock
Threat protection: unauthorised access, identity theft
While most Londoners lock their screens, many overlook SIM card security.
Enabling a SIM PIN prevents unauthorised access to your cellular account if your phone is stolen.
This extra layer of security can prevent attempts to intercept calls or messages, protecting you from identity theft and unauthorised use of your mobile services.
Use DNS-over-HTTPS (DoH)
Threat protection: DNS spoofing, malicious redirects, account takeovers
DNS-over-HTTPS (DoH) is a valuable tool for securing your iGaming accounts by encrypting DNS queries, making it more difficult for cybercriminals to intercept or redirect your web traffic.
This feature protects against DNS spoofing, where hackers can redirect users to malicious websites.
Industries like video gaming and iGaming, including platforms like casinos not on gamstop, are particularly vulnerable, second only to the financial sector in terms of targeting.
For example, in 2023, 4% of all login attempts on gambling platforms were malicious attempts at account takeover.
Many UK crypto casinos use SSL encryption and have various security measures in place to protect players’ data.
However, you still need to take extra steps to secure your own mobile device to ensure your accounts remain safe.
Enabling features like DNS-over-HTTPS (DoH) can further enhance your online security.
By combining platform security measures with personal precautions, you can significantly reduce the risk of falling victim to cyber threats.
Disable smart lock features
Threat protection: unauthorised physical access
Smart Lock features, which keep your phone unlocked in certain locations or when connected to specific devices, can be risky in a city as densely populated as London.
Disabling these features ensures your phone remains locked in all situations, reducing the risk of unauthorised access if your device is lost or stolen in a “trusted” location.
Use privacy screens
Threat protection: visual hacking
In London’s crowded public transport system, privacy screens are invaluable, and these screens limit the viewing angle of your display, preventing visual hacking in packed Tube carriages or busy coffee shops.
This simple addition makes it difficult for others to see your screen from side angles, protecting sensitive information from prying eyes.
Disable bluetooth discoverability
Threat protection: bluetooth-based attacks
In a city where thousands of Bluetooth devices are nearby, keeping your Bluetooth in non-discoverable mode when not actively pairing devices is crucial.
This precaution can protect you from Bluetooth-based attacks like BlueBorne, which can allow hackers to take control of your device without your knowledge.
Use built-in security features
Threat protection: targeted cyberattacks
Many phones have advanced built-in security features that users often overlook, for instance, iPhones have a “Lockdown Mode” that provides extreme protection against targeted cyberattacks.
Android devices often have features like “Google Play Protect” that can scan apps for security threats.
Familiarise yourself with and enable these built-in protections, especially if you work in sensitive industries prevalent in London, such as finance or technology.
Encrypt your backups
Threat protection: data breaches, unauthorised access to backups
If you back up your phone to your computer, ensure those backups are encrypted.
This precaution prevents unauthorised access to your data if your computer is compromised.
Most modern smartphones offer encryption options for backups, adding an essential layer of protection to your personal information.
Use secure messaging apps
Threat protection: message interception, data privacy
For sensitive communications, opt for end-to-end encrypted messaging apps like Signal or WhatsApp instead of standard SMS.
These apps provide significantly better protection against message interception and ensure that your conversations remain private.
Enable automatic app scanning
Threat protection: malicious apps, Trojans
Many Android devices have a feature that can scan apps for security threats before and after installation.
Enabling this feature provides an extra layer of protection against malicious apps, which are a growing concern in the mobile threat landscape.
In 2023, more than 300,000 Android users downloaded banking trojan apps via the Google Play Store.
Regularly review and revoke app permissions
Threat protection: data Leakage, privacy breaches
In June 2024, London experienced one of its most severe cyber attacks, targeting the healthcare sector.
Synnovis, a blood test management organization working with the NHS, fell victim to a ransomware attack that had far-reaching consequences for London’s healthcare system.
Nearly 400GB of private information was stolen and later shared on the darknet, including patient names, dates of birth, and NHS numbers.
Regularly check and revoke unnecessary permissions granted to apps, an app that once needed access to your camera or microphone may no longer require it.
This practice limits the potential for data leakage and protects your privacy.
