If you’ve got a few extra minutes this holiday week, consider taking a break from grilling, swimming, and celebrating to do something important: update the apps on your smartphone.
Last month, Microsoft announced that it had released a new version of its Outlook for Android app that patched a critical security vulnerability. According to the tech giant, the older Outlook app—used by approximately 100 million users—contained a bug that allowed hackers to perpetrate illicit in-app attacks.
How exactly does this hack work?
Cyber thieves who took advantage of the issue could send a specially crafted, “spoofed” email message. If users interacted with that email in a meaningful way (say by clicking a link or downloading an attachment), hackers could gain access to a user’s phone and run malicious scripts to reverse engineer a fake app. That could then steal any type of information stored on a smartphone: social media passwords, financial logins, work files, personal photos, and much more.
Luckily, independent security researchers alerted Microsoft to the security problem before any significant attacks took place. But the alert raised the specter of other older apps potentially compromising important data housed on users’ smartphones.
Most apps on the iOS and Android platform update automatically. But some security settings can prevent regular upgrades—and when an alert like Microsoft’s pops up, it might be worth checking into the status of your apps.
Why are app updates so important?
In May, the popular messaging app WhatsApp announced a flaw that allowed hackers to remotely install spyware on iOS and Android devices—without users ever noticing. In 2017, security experts estimated that 90% of smartphone apps contained some sort of significant security risk. And password hacks on platforms like Facebook, Twitter, and LinkedIn represent serious threats to billions of users.
Thankfully, smartphone manufacturers are taking notice. Google’s Play Protect setting scans every app installed on your phone, regardless of its source, to look for hidden malware, keystroke-logging scripts, or data hacks. Meanwhile, Apple’s iOS operating system updates every time a security vulnerability is identified.
Beyond updating your apps, here are a few more important smartphone security tips:
1) Activate phone finder services.
If your phone is ever stolen or lost, this can be a lifesaver—either to locate your device or to remotely wipe its important data if it is lost for good. On an iPhone, click on Settings > iCloud > Find My iPhone and make sure the tab is green. On an Android phone, click on Settings > Security or Security & Location > Find My Device and make sure it’s turned on. Apple recently expanded this service to the integrated Find My app, which works with iPads and iMacs as well as new iPhones.
2) Use two-factor authentication for your phone login and apps.
This typically manifests itself as a one-time code to be entered along with your usual password, or as a fingerprint login or Touch ID. Making sure this setting is activated under your Settings > Password & Security menu could serve as a digital lifesaver if your smartphone is infected with malware or another kind of malicious app that logs passwords.
3) Beware of suspicious-looking links or attachments.
Hackers usually rely on illicit links or infected attachments in spam email messages to target desktops, laptops, and other workstations. But as smartphone capabilities expand and more of us work from home or the road, our mobile email inboxes can represent easy targets, as well. If you don’t recognize the sender of an email or aren’t expecting an attachment from a specific user, think twice before you click a link or expand that PDF.
4) Delete any old or unused apps from your smartphone.
It can be tempting to save that parking app you used on your last trip or that social media account you haven’t logged in to in two years on your phone. But doing so has several deleterious effects: yes, you’re clogging up your phone’s precious memory. You’re also leaving yourself open to bugs and flaws, particularly if the app in question has been discontinued or removed from extended support. Make a habit of cleaning up your smartphone menu on a monthly or quarterly basis to eliminate unused apps.
5) Avoid unsecured public Wi-Fi networks.
Especially if you’re on the go and running low on data, it’s tempting to sign in to a coffee shop or airport’s public Wi-Fi network. Without proper protections, however, such connections can open you up to serious security problems. If you have cell phone service, stick with your carrier’s network for connectivity, particularly if you’re accessing any sensitive financial information or collaborative documents. Alternatively, a VPN (Virtual Private Network) can provide a secure connection to the Internet no matter where you are.
Have questions about implementing any of the above smartphone security strategies? Concerned about the status of your Outlook for Android app? Contact CMIT Solutions today. We take care of IT worries so you don’t have to, empowering you and your employees to work anytime, anywhere while keeping data and devices safe.