Smartphones are increasing security risk

Posted on by

Do you think?

  • Your cell phone calls are very secure and private.
  • Messaging is more private than voice calls.
  • No one knows where you are.
  • No one around you is seeing your private photos and videos.

If you are using a smartphone with internet access, you are probably wrong. A spy application can do all the above unwanted things silently. Not necessarily such an app needs to be installed deliberately on your phone. They can get in your phone in various ways just like a spyware gets in your computer.

Smartphones, reasonably increases the risk of being hacked. It has opened another door for the hackers to steal our data in addition to computer. Today our personal data is not only computer centric, we are carrying our data through our phones wherever we go. We access our mail accounts, bank accounts, official sites, business apps, messengers, facebook, twitter, and other apps directly from our phones. While accessing those apps, many of us advisedly allow mobile devices to remember our credentials to avoid re-entering username-password every time we log in. “Remember me” in mobile phone is similarly risky like computer. If someone gets your phone for few moments she can check your personal mails secretly even she is in front of you.

For many years, physical access was the only way to steal data from simple phones as they were not connected with internet. At the time when vendors started making internet enable phones, they are making us more potential victim of internet based attacks. Now we are living in the world of smartphone, internet is the heart of it. It’s unthinkable that you have a smartphone but you don’t use internet. Along with internet access, today’s smartphones have a platform to host third party applications just like computer. Those apps can access private data stored in your phone and communicate with server to store them. Now anyone can access your data through an app even she lives in another country.

Hackers are thinking about our phone. They are researching on mobile attack. Mobile could be the primary focus for attacking us someday. For instance, nowadays many applications give option to reset password via a mobile phone. Here is how the password recovery/reset process works:

  • User enters a phone number in password recovery page.
  • System detects associated user account and sends a code through SMS in the corresponding phone.
  • Either that code is the new password or used to reset password.

The process is similar like resetting password via email. Instead of sending email, a SMS is sent. Although the process is very similar, I think mobile phone is less secure in this purpose. Anyone around you has access your personal phone, can compromise your account within a minute silently. You might think if someone has access my email account he can do the same. Yes, that’s true but there is another thing that makes the mobile phone less secure.

The entire attack can be simplified by an app that has access to your SMS. The app can silently put your phone number in password recovery page, read the code from your inbox and reset your account. It’s just a way your phone can be used as a weapon against you.

Do you want to share this?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>