With Apple’s anticipated announcement Wednesday that it is rolling out the fifth edition of its wildly popular iPhone, we can expect to see more lines of avid Appleheads queuing up outside Apple stores around the country, waiting to become the first ones to get their hands on the shiny new devices.
But could there also be another line after that: A line of hackers waiting to steal iPhone users’ identities? Apple products, once considered safe from hackers, now have become targets for sophisticated attacks. This month, a group of hackers named AntiSec claimed that they stole over 12 million Apple device identification numbers from the computer of an FBI agent.
That claim later appeared to be debunked by Paul DeHart, CEO of a Florida company named Blue Toad, who told NBC News that his company was the source of the leaked information.
Whatever the source of the leak, the device ID numbers could cause problems for iPhone users, since the numbers are linked to owners’ names, cell phone numbers and home addresses.
“Cell phones, especially smartphones, are a key to anyone’s identity these days,” says Ondrej Krehel, information security officer at IdentityTheft911.com.
The iPhone 5 will have plenty of security upgrades over former versions, Krehel says. It also will have a new operating system, new apps, and loads of new features, all of which could make it vulnerable to attack.
“You’ll see more complexity, more applications that haven’t been in production very long,” says Krehel. “So there’s definitely more room for error.”
All that complexity makes it even more important that Apple users secure their new phones. Here are some tips for how to do it. (Hint: All of these tips apply even if you have older versions of the iPhone, or other types of phones including Androids.)
No, Really. Use Passwords.
You’ve heard it many times before: Lock up your phone with a password. It’s an easy thing to do, and it can save you from many potential problems. Think of all the data sitting on your phone: Your email accounts, bank accounts, social media, all your texts, and your address lists, not to mention all your apps.
You don’t want all that information falling into the hands of a hacker or a petty thief.
“Your phone is the key to unlocking a large trove of information about you,” Krehel says. “A password is the first step in securing all of it.”
Not only should your phone be locked, but all the applications should be, too. If you have an iPhone, you should also put a password on the SIM card to help prevent a thief from using your cell phone account, Krehel says.
All iPhone 5’s will come pre-loaded with iWallet, Apple’s new suite of programs to help users manage their banking and financial needs. Many other smartphones have similar capabilities.
It’s critically important to set up these applications correctly from the start, Krehel says. Your phone password may only be four digits long, but make sure that each of your bank and financial passwords is long, and includes both numbers and letters. Never click the “Remember Me” button on your bank’s site. This may add convenience, but it also opens the door for any hacker or thief to access your bank account with the click of a button. Having trouble remembering all of these passwords? Download a program that creates an encrypted lock box on your phone specifically to store all your different passwords.
“The encryption on those programs is really strong,” Krehel says.
If you take pictures of checks you’re depositing, be sure to delete those pictures once the deposit has gone through. Also, set up automatic notifications — by both text and email — of any unusual transactions, such as money moving between accounts, or large amounts being withdrawn at a time.
“That way, if they steal your phone you’ll still get an email, and if they hack your email you’ll still get a text,” says Krehel.
Manage Your Connections.
WiFi, Bluetooth, USB cords — anything that can connect to your phone is also a potential vector of attack, says Krehel. If you connect the phone to another device using the USB port, make sure you enter a password before completing the connection.
Bluetooth devices, especially older ones, are notoriously vulnerable to hackers, Krehel says. The best defense: Anytime you’re not using it, turn it off. And the age-old advice for laptops in coffee shops applies here too: Only use WiFi networks that require you to enter a password.
Use a Remote.
Many apps enable you to locate your device, lock it up, and wipe all the data off it, all from remote. Apple has iCloud, and Android users can use Android Lost, among others. You can also do the same thing in the cloud.
Image: Ben Becker, via Flickr