It's bad enough that 1 in 3 robberies in major cities nationwide now nets a mobile phone — thousands are taken each day in what's called "Apple picking" because of the popularity of iPhones (although street thugs eagerly steal other brands). But there's also a huge harvest by stealth cybercrooks who increasingly target smartphones remotely to collect their users' stored data for identity theft.
Why? Smartphones not only access the Internet, but their text messages are sent without encryption, and messaging apps typically have no security protections. Plus, cellphone users generally haven't wised up to the smartphone threat and are more likely than computer users to respond to spam.
With software firm Juniper Networks reporting a sixfold increase in malware threats to mobile devices last year, predictions are that 2014 will be yet another record-breaker for these attacks — with smartphones (and Androids in particular) leading the list.
Here's how to stay safe
1. If your phone offers encryption, enable it. You can learn how at help.unc.edu/help/encrypting-cell-phones. "Most encryption software will then automatically update as needed," says Adam Levin, founder of IDentity Theft 911.
2. Use security software recommended by your carrier or phone manufacturer, or free products by companies such as AVG, Avast and Lookout Mobile Security.
3. When using your smartphone to shop, use retailers' dedicated apps rather than your phone's browser.
4. Before installing apps, read their reviews — and stick with trusted vendors such as Google or Apple. Always read the "permissions" before downloading apps; avoid those wanting your OK to reveal your identity and location.
5. Think twice about public Wi-Fi networks. "For the most part, you're more secure using the provider's network," says Levin. Also, don't leave Bluetooth connections open.
6. Don't auto-save your user name and passwords on apps or when using your smartphone to make financial transactions.
7. Regularly clear the browser history to prevent smartphone thieves from retracing your steps to hijack your accounts.