Article

How to secure your phone to protect yourself against mobile scams

How to secure your phone to protect yourself against mobile scams
F-Secure
F-Secure
|
26 Nov 2024
|
9 min read

When was the last time you cleaned your mobile phone? Over the years, phones can become cluttered with apps, photos, files, contacts, and more. All this data can slow down your phone and impair the security of your device.

The more you download, the more third-party services will access sensitive data. If private information like your credit card number or Social Security Number (SSN) ends up in the wrong hands, it could put you at risk of identity theft. Cleaning your mobile device periodically can help you avoid scams and keep your information private.

What are phone scams?

Your mobile device offers countless conveniences. You can do just about anything on your phone, from paying bills to talking to far-away friends. Unfortunately, the increased usage of mobile devices makes them a popular target for scammers.

Phone scams attempt to trick consumers into sharing sensitive data or downloading malicious software. Criminals use a variety of schemes to achieve their goals:

  • Phone Vishing — Voicemail scams or phone vishing involve a caller pressuring you to take action. They usually claim to be from a trusted organization, such as a bank, credit card company or government agency.  The goal is to push you into sharing personal information or sending money. If you don’t pick up, they will leave a voicemail urging you to call back. They may threaten penalties, fines, or even arrest.

  • SMS Phishing — Sometimes referred to as smishing, SMS phishing scams are carried out via text message. These phone scams often include a link that can infect your device with malware or spyware when clicked. Some smishing scams try to convince victims to sign up for a paid subscription. Others attempt to persuade you to share personal information.

  • One-Ring Scams — One-ring scams aim to exploit consumer curiosity. Your phone will only ring once, prompting you to call back to find out who it was. This is where the scam begins. If you call the number, you will be charged fees. Usually, the calls come from an international area code.

  • Mobile Device Viruses — While using your web browser, you might suddenly get redirected to a page insisting that your device is infected. The page will claim it scanned your device and detected a virus. It will encourage you to download a fake antivirus app that contains mobile malware.

Protect your smartphone from cyber criminals & intruders

There are steps you can take to protect your mobile phone and data from cyber criminals. Here’s what you should do:

  • Protect your mobile phone number: The more websites, apps, and services have your mobile number, the higher your risk of phone scams and spam. Avoid giving out your phone number when you can.

  • Clean your device: Limit how much personal data you have online by regularly cleaning your device. Delete apps you don’t need or haven’t used in a month, and also delete the online accounts related to them.

  • Keep your software up to date: Updating your software is critical for device security. Software updates often contain security improvements, such as eliminating vulnerabilities that cybercriminals can exploit. Install updates for apps and your device’s operating system as soon as they become available. It is a good idea to enable automatic updates.

  • Use strong passwords: Many cybercriminals use automated software to guess passwords. Passwords that are short, common (i.e., 123456), or easy to guess (such as a birthday) are quick to crack. Never use the same password on multiple accounts. If attackers gain access to one, every account with the same login credentials will be at risk.

Always choose strong, unique passwords. These should include upper and lowercase letters, numbers, and symbols. Passwords should be at minimum 12 characters long. A password manager helps you create and store strong passwords for quick access from all devices.

  • Enable two-factor authentication: Two-factor authentication (2FA) provides an extra layer of security in case someone steals your password. It requires those logging in to provide proof of their legitimacy. There are many forms of 2FA that users can choose. Popular options include verification through a trusted device, a text to your mobile device or email containing a code, or a fingerprint or facial scan.

  • Lock your device: Always set up a lock on your mobile device. This will secure your data against intruders if your phone is lost or stolen. You can set a password, PIN, or pattern or select a biometric authentication method like fingerprint or retina scans. You should also lock down any app containing sensitive information, such as payment or banking apps. Criminals getting into your financial accounts could lead to identity theft.

  • Backup your data: When cybercriminals gain access to a device, they sometimes delete your data after stealing it. You’ll want a backup or two saved ahead of time to ensure you don’t lose critical data. You can use your device’s backup options, cloud storage, an external hard drive, flash drives, or a third-party backup app.

  • Ignore & report spam: One of the most common consumer complaints today is spam. Whether in a phone call, text message, or email, spam can be an annoyance and a danger to your private data. Avoid clicking links or downloading attachments in emails and texts unless you are absolutely sure the sender is legitimate. When you don’t recognize a phone number or your caller ID flags a caller as “Potential Spam” or “Scam Likely,” ignore it. Sometimes scammers use spoofing, which changes the phone number on your caller ID. Report illegal robocalls and spoof calls to the Federal Communications Commission (FCC).

If you constantly receive spam calls, you can sign up for call-blocking services that silence unknown callers. Most email services are effective at filtering potential spam and phishing emails. If any suspicious emails bypass the filter, mark them as spam and block the sender.

  • Avoid public Wi-Fi: Public Wi-Fi may seem like a convenient way to save data, but it comes with risk. An attacker may intercept the communications to and from your device, including passwords, phone numbers, credit card information, and anything else you enter. However, you can avoid this and make any Wi-Fi safe with a VPN that encrypts your data.

  • Manage app permissions: When you download an app, it will give you the choice to allow or deny permissions to access your camera, location, contacts, and other features. Some apps request more permissions than they need to function. To go through your list of app permissions, open your settings. From there, tap Privacy for iPhones, Apps > App Permissions. And for Android, open settings, then go to Apps and open apps individually. Remove unnecessary permissions.

  • Don’t use unofficial app stores: The Google Play Store and Apple App Store are your safest options to get apps, as they thoroughly vet all available apps. Don’t download apps from websites or unofficial app stores.

  • Don’t jailbreak your iPhone: iPhones do not allow users to access apps and software from sources other than the Apple App Store. To get around this, some users jailbreak their mobile devices. Apple strongly advises against this. Jailbreaking your phone voids your warranty and exposes your device to cyber threats. If you accidentally download malicious software, Apple support will not be able to help you.

  • Download an internet security app: A quality security app greatly enhances your device security. The F-Secure Total app offers superior device security, scam protection, mobile privacy, and identity theft protection. In addition to device security, we provide a comprehensive approach to safeguarding your digital identity. This includes Scam Protection, which blocks suspicious websites and links, helps you avoid shopping and banking scams, and more. F‑Secure Total is the all-in-one app you need for total web protection.

What to do if your phone has been hacked

If you suspect your device has been compromised in a phone scam, it is vital to take action immediately.

  • Scan your device: Use an antivirus app to scan your device for malware.

  • Contact businesses: Scammers are most often after your money. Review your financial statements, such as your banks and credit cards, for unusual activity. Call the company to dispute and report any fraudulent transactions.

  • Delete apps: Check your device for apps you don’t remember downloading and uninstall them immediately. If you recently downloaded an app from a third-party service, it may be the source of the hack and should be removed.

  • Factory Reset your phone: If deleting suspicious apps doesn’t work, you may need a complete factory reset. This restores your device to its original factory settings. It is a guaranteed way to remove any malicious software, no matter how well-hidden it is. Factory resets erase all data — apps, images, videos, contacts, etc. — so make sure you have a backup first.

On Android

Tap Apps > Settings > Backup and reset > Factory data reset > Reset device > Erase everything.

On iPhone:

Tap Settings > General > Transfer or Reset iPhone > Erase All Content and Settings. You will be prompted to enter your Apple ID password.

  • Change your passwords: Once the hack is removed, update your passwords. Remember, passwords should be complex, unique, and difficult to guess.

 

Frequently asked questions

Why am I getting a lot of spam calls on my cell phone?

You are likely getting more unwanted calls because your mobile phone number was sold to scammers. Most spam callers purchase phone numbers in bulk from third-party providers.

Is it better to ignore or decline spam calls?

Some consumers answer spam calls to tell them to stop calling. However, it is best not to answer at all. Taking such calls tells scammers that your number is active and that a potential victim is on the other side. The more you answer, the more calls you will receive.

How do I stop scams on my phone?

To protect yourself from illegal robocalls and texts, don’t answer calls or texts from unknown numbers. Report the number to the FCC. Phone companies often have blocking tools, so you can check to see what services yours offers. You can also download a call-blocking app.

devices secured illustration

Prevent your devices from getting hacked

Protect everything you do on all your devices with one subscription.

total
total

Protect your phone with F‑Secure Total

F‑Secure Total provides comprehensive device protection. Get complete online security, scam protection, mobile privacy, and identity protection in one brilliantly simple app.

  • Block viruses and protect all your devices

  • Avoid shopping, browsing and SMS scams, and secure your online banking

  • Prevent identity theft with 24/7 monitoring and alerts

  • Encrypt your connection and keep your personal data and passwords protected

  • Make the internet a safer place for kids with limits and filters 

Read more about Total