Please find this month’s SecurAlert which addresses a growing trend – identity theft via Smart Phones. We uncovered some very interesting information in researching this issue that we hope will be useful.
SecurAlert March 2014 - Smart Phone Identity Theft
1. Identity theft affected over 12 million Americans in 2013 with many of these crimes tied to the
theft of smartphones.
Smartphone = SmartTheft
The National Consumers League, which has been “representing consumers and workers on marketplace and
workplace issues since 1899,” reports that 1.6 million American consumers had a hand-held device stolen in
2013. Bad guys sell these phones to pawn shops, unsuspecting students, small mom and pop businesses and the
Asian black market. Many owners of smartphones forget that these devices are computers and don’t even use
password protections on them.
Thefts of Smartphones have taken a very dangerous turn. In recent years, brazen criminals are targeting people
who are actually in the process of using their Smartphone and physically grabbing the phone away from them
(See August 2013 SecurAlert, “Apple Picking”). Many of these thefts have left victims injured and even killed.
The growing street crime in every metropolitan city is the most visible example of what law enforcement
authorities describe as a well-orchestrated underground global industry.
According to a recent Forbes Magazine article,
• The number of stolen phones in New York City
climbed 40% in one year
• Stolen smartphones account for one out of every
two robberies in San Francisco.
• Nationwide stolen smart phones now account
for 33% of all robberies.
2. The global nature of this illicit trade stems
in part from measures American wireless
carriers have imposed to make it harder to
resell stolen phones in the United States,
prompting criminals to seek new mar-
kets overseas. But it also results from the
unique business model used to sell smart-
phones to American consumers. In the
United States, cell phone carriers subsidize
the costs of the phones, while in most
other countries customers pay full retail
price. The same iPhone that Americans
can obtain for $250 can fetch as much as
$800 on the streets of Hong Kong or Rio
de Janeiro. The trade has grown so vast and
lucrative that it’s attracted organized crime
and alleged terrorist organizations, from
Mexican drug cartels to the militant group
Hezbollah.
Many stolen phones
are shipped to distant
points on the globe,
sold to consumers in
Asia, Eastern Europe
and Latin America.
Phone theft is a market now worth some $30 billion a
year, according to Lookout, a San Francisco-based mobile
security firm.
Worm in the Apple
Recently, Apple reported the existence of a very serious
security flaw that could leave iPads, iPhones, and iPod
Touches open to the prying eyes of hackers.
Apple has published a fix, in the form of iOS 7.0.6, a
software update that should shore up the defenses of
your mobile device. If you’ve got your tablet/smart
phone/media player set up to automatically download
new Apple software, there’s a chance that you’re already
updated. If not, navigate to Settings > General >
Software update, and tap the “download and install”
bar at the bottom of the screen.
For More Information:
n www.lifelock.com n www identityprotection.com
n www.idtheft.about.com
n www.informationweek.com
3. Smart Data
Protection
Tips for
Smartphone
Consumers...
Herearesomeproventipsfromawiderangeofsources
andexpertstohelpyouavoidcompromisingyour
Smartphone.
n Create a complex password that combines letters, numbers
and symbols. Never use the name of a child, dog, spouse,
city where you were born or other information that can
easily be obtained (such as your date of birth). And change
this password regularly – at least every three months.
n Turn on the “Data Protection” feature on your phone, if
this feature is available. If this feature is not available,
purchase a back-up/wiping service for your phone. This
service allows you to immediately erase information stored
on your phone in the event the phone is lost or stolen.
n Pay attention to what you do on your Smartphone. Take
the same precautions as you would on your work or home
computer.
n Keep your phone locked when you are not using it.
n If your phone is missing, call your phone carrier as soon as
possible to report it and have your data wiped.
Smart Phone InformationTheft
According to Time Magazine, nearly half of all Americans own a smart phone and 33% of these persons
are more likely to fall victim to identity theft than those who don’t own smart phones. A recent survey
disclosed that more than 7% of Smartphone users were the victims of identity theft.
Smart people who buy smart phones can do some dumb things! Most owners forget that a smart phone is
a computer and can engage in very careless and risky behavior that can very easily lead them to become a
victim. Sixty two percent of Smartphone owners don’t use password protection, allowing a criminal with
unbridled access to the accounts and information kept on a phone. Using public Wi-Fi networks, leaving a
phone unattended on a table, not using a phone password, not locking a cell phone or downloading a
seemingly harmless app are all actions that can lead to a thief to quickly access and steal your personal
information.
So, while we could provide you with a wide range of general tips to help you avoid becoming an identity
thief’s next victim (you can obtain this information from our past SecurAlerts), we thought we would focus
the remainder of this issue on what you can do to help safeguard your Smartphone (and the phones of your
friends and family) and its gateway to your identity.
4. n Smartphones can link financial and shopping accounts with credit card and debit card numbers (to make
it easier for the user to shop and bank via on-line services). Consider inputting information for each
transaction as opposed to allowing the phone to memorize your accounts and passwords. That way, an
unauthorized user cannot automatically access your accounts.
n Check URLs for accuracy, stay away from suspicious links and make sure a site is secure before
using your phone to relay personal information (a secure connection should have the web address begin
with “https”; stay away from sites that only indicate “http”).
n Application security
• Install a reputable and current anti-virus software program that protects your phone against spyware
and malware.
• Research apps (via Google search: “app name – problems”) to determine if they are safe before you
download them.
• Before downloading any app, review the information the phone app is asking permission to access; if it
asks for too much personal information, consider not using the app.
• Download app and software updates when they become available.
• Never “root” or “jailbreak” your phone (to enable apps that the phone is not designed to or not ap
proved to handle); this runs the risk of introducing malware to your phone’s operating system.
• Delete unused apps.
n If you think you have been a victim of identity theft:
• Place a 90 day fraud alert on your credit reports.
• File a police report.
• File a fraud affidavit with the Federal Trade Commission.
Remember, a Smartphone IS a
computer, so install security
software just like you do for
your home computer. This
software should contain an
antivirus that should be updated
as updates are made available.
5. Smart Phone Kill Switch Closer to Reality
Our “crack” SecurAlert research team (LOL) uncovered that members of the U.S. Congress are working on
legislation that would mandate the addition of a “kill switch” for all smartphones purchased in the United
States. You may recall that last year, SecurAlert indicated that this feature was being considered by smartphone
manufacturers.
Titled “The Smartphone Theft Prevention Act,” U.S. Senators Amy Klobuchar (D-MN), Barbara Mikulski
(D-MD), Richard Blumenthal (D-CT), and Mazie Hirono (D-HI) recently introduced legislation that would
mandate smartphones to have a “kill switch” in order to protect consumers and combat identify theft and the
actual theft of the phone.
According to the Federal Communications Commission (FCC), approximately one-in-three robberies include
the theft of a mobile phone and criminals targeting smartphones for its resale value or opportunity to obtain the
financial information of the victim.
“Cell phone theft has become a big business for thieves looking to cash in on these devices and any valuable
information they contain, costing consumers more than $30 billion every year and endangering countless theft
victims,” said Sen. Klobuchar. “This legislation will help eliminate the incentives for criminals to target smart-
phones by empowering victims to take steps to keep their information private, protect their identity and financ-
es, and render the phone inoperable to the thieves.” (SOURCE: Information Week).
With the legislation, the victims of cell phone theft will have the decision to maintain their private information
by deleting such data, thus, rendering the phone useless to thieves. Victims would be able to remotely make
their devices inoperable and delete personal information from them at a moment’s notice and at no extra cost.
The Smartphone Theft Prevention Act acknowledges that the “kill switch” technology should be offered free of
charge to the consumer and prevent anyone from activating the smartphone except for the original owner.
Stay tuned for updates!
Stop using the freeWiFi hotspots
in cafes, airports and hotels, as
they are constantly sniffed by
cyber criminals.This can be
especially dangerous when you
are making purchases with your
credit card on unsecured
connections.