AS phone snatching cases in the UK surge, Brits are being urged to make 10 Settings changes to prevent a thief from taking off with more than just your smartphone
More than 200 smartphones are swiped out of the hands of innocent passerbys every day, new figures revealed earlier this week.
That’s 78,000 a year, up from 31,000 the year before.
The figures are damning, and have prompted the Home Office to bring phone companies into the discussion on how to tackle thefts and illegal reselling.
The majority of phones are resold, and end up in night markets in Shenzhen, China, according to an investigation by The Times.
But phones hold data that can be valuable to criminals, from banking information to social media accounts.
While the government works with phone companies to make stolen devices permanently unusable if stolen or lost, there are ways to protect yourself and your device in the meantime.
Bogdan Botezatu, director of threat research and reporting at cybersecurity firm Bitdefender, told The Sun that there are 10 features iPhone and Android owners can enable and disable to make their devices more secure in cases of theft.
Enable Find My iPhone / Find My Device
“Ensure that the Find My feature is activated on your device,” said Botezatu. “Allowing you to track, lock, or erase your phone remotely if it’s lost or stolen.”
For iPhone users, this can be done following these steps:
- Open the Settings app.
- Tap your name, then tap Find My.
- If you want friends and family to know where you are, turn on Share My Location.
- Tap Find My [device] and then turn on Find My [device].
- To see your device even when it’s offline, turn on Find My network.*
- To have the location of your device sent to Apple when the battery is low, turn on Send Last Location.
If you want to be able to find your lost device on a map, make sure that Location Services is turned on.
To do this, go to Settings > Privacy & Security > Location Services, then turn on Location Services.
Thieves will attempt to remove the SIM card from the locked device and use it in an unlocked phone to receive SMS-based one time passwords.
Bogdan Botezatu, director of threat research and reporting at Bitdefender
While Android owners should follow these instructions:
- Open your Settings app.
- Tap Biometrics & Security.
- Tap Find My Device, then tap the switch to turn it on.
Set a Strong Passcode or Biometric Lock
The majority of people know better than to not have a passcode or biometric lock on their device.
But many still rely on easy-to-guess passcodes, like 123456 or 111111.
Botezatu urges consumers to use a “strong” passcode or biometric authentication like Face ID, Touch ID, or fingerprint scan to prevent unauthorised access.
Enable Remote Wipe
This feature, found on both the iOS Find My iPhone and Android Find My Device, lets users wipe the contents of their handset from afar.
Even if the snatcher has zoomed off on their bike, you can log into your Find My iPhone or Find My Device on a PC to erase your phone’s data remotely.
Backup Your Data Regularly
“Regularly back up your phone’s data to iCloud or Google Drive, ensuring that you can recover important information even if your device is lost or stolen,” added Botezatu.
Both iCloud and Google Drive offer a small amount of storage for free.
But if you want to store more data, be sure to buy more storage for a monthly fee.
Use Two-Factor Authentication (2FA)
Consumers should enable 2FA on all their accounts, but particularly those tied to their phone, such as Apple IDs and Google Accounts.
It adds an extra layer of security by requiring two forms of identification to access an account, such as a one-use security code sent to your phone alongside a traditional password.
eSIMs are more secure than conventional SIM cards because they are embedded in the phone’s hardware, making them harder to remove and tamper with, thus reducing the risk of SIM swapping and unauthorised access to the phone number
While text-based security codes are common, Botezatu suggests you choose an alternative 2FA method so you can still access your accounts if your phone is stolen.
“Do not use SMS-based 2FA when possible as you will likely be briefly losing access to your mobile number as well,” he said.
“[And] make sure you have backup codes printed and stored somewhere safe as you will also lose access to your authenticator app as well.”
Disable Notifications on the Lock Screen
Disabling notifications on your lock screen is a privacy measure that can be quite the lifesaver if your phone gets stolen.
It also means that hackers cannot access your accounts if you do opt for SMS-based 2FA.
“Configure your phone to hide sensitive notifications on the lock screen to prevent anyone from seeing private information without unlocking the device,” said Botezatu.
Activate SIM Card Lock
To help protect your mobile number and the information stored on your SIM card, you can set up a SIM pin.
This means that if the SIM is taken out of your phone and put into another one, you’d be required to enter a pin to unlock it.
Many times, thieves snatch the mobile phone while unlocked or after they have memorised your screen unlock pin and will attempt to change your iCloud password to gain control of the account.
“Enable a SIM card PIN to prevent unauthorised users from transferring your phone number to another device,” Botezatu cautioned.
“Thieves will attempt to remove the SIM card from the locked device and use it in an unlocked phone to receive SMS-based one time passwords.”
eSIM over traditional SIM cards
Botezatu also urged consumers to consider using an eSIM over a traditional, physical, SIM card that slots into the phone.
“eSIMs are more secure than conventional SIM cards because they are embedded in the phone’s hardware, making them harder to remove and tamper with, thus reducing the risk of SIM swapping and unauthorised access to the phone number,” Botezatu explained.
“Many times, accounts can be recovered by an attacker who has access to the mobile number associated with the account.”
Install and Update Security Apps
“Consider using security apps that offer anti-theft features, such as remote lock, siren activation, or snapshot of the thief, and ensure they’re always up to date,” added Botezatu.
However, its important to make sure the apps your download are legitimate – and not a fake app masquerading as security software.
Find our tips on spotting dodgy apps in the box below.
Enable Location-Based Cloud Password Protection
Location-based iCloud password protection can restrict any password changes if you are not in a familiar location.
“Many times, thieves snatch the mobile phone while unlocked or after they have memorised your screen unlock pin and will attempt to change your iCloud password to gain control of the account,” said Botezatu.
It’s important to note that this feature is currently only available to iPhone owners – however, that might soon change if Google catches wind of how helpful it is.
How to spot a dodgy app
Detecting a malicious app before you hit the ‘Download’ button is easy when you know the signs.
Follow this eight-point checklist when you’re downloading an app you’re unsure about:
- Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts.
- Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions.
- Check the number of downloads – avoid apps with only several thousand downloads, as it could be fake.
- Research the developer – do they have a good reputation? Or, are totally fake?
- Check the release date – a recent release date paired with a high number of downloads is usually bad news.
- Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
- Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities.
- Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps.
All of this information will available in both Apple’s App Store and the Google Play Store.