An After Hours PSA: Protect your phone. It's the most valuable thing you carry.

seamus

OK, so if it's a brand new Samsony iNexus 12S then it's probably worth €500 or more, but that's not what I'm talking about.

This time last year a survey found that 1.6m people are using smartphones:
http://www.rte.ie/news/2013/0422/384168-1-6m-irish-people-now-use-smartphones-survey/

That was a year ago. That figure is likely close to doubled at this stage, smartphones are on the verge of ubiquity, 100%+ penetration.

You have never before carried around anything which while giving you unbridled access to information at the same time provides equally unbridled access to your information. Your wallet or purse, your passport, even your bank statements, they all pale in comparison to the damage that can be done to you by someone who has your phone.

Ever texted someone your address or your date of birth? Ever used a banking app, ordered something online, received flight booking details via email? Used facebook (think of how much information facebook has about you)?
It's all there, it's all on your phone, and someone who has access to your phone has access to that information.

The scummers who take your phone off you, no they probably won't get this information. They just want enough for a baggie of something. The guy they sell it to who runs a dodgy phone shop on Talbot street? Nah, he probably just wants the parts. But he'll hand the phone onto someone else to clean it out. This guy will download all of the information from your phone, run it through various programs to scrape and extract all of the useful information before he hands the hardware back.

Thieves don't have access to this kind of software? Oh yes they do. Being a filthy scumbag isn't about being stupid. There are plenty of highly intelligent programmers and engineers out there who create programs and technology designed to do nothing more than fnck your life up, in the most efficient way possible. And they're accessible to all and sundry for a small fee.

Take care of your phone. If you lost your house keys on the street, you'd probably start thinking about changing the locks. Imagine you lost a briefcase full of all of your personal documents - bank statement, birth cert, passport, driving licence, photographs, etc. What would you do? That's how seriously you need to think about your phone.

You don't use a smartphone, so this doesn't affect you? WRONG. The penetration of the mobile phone and the diligence of operators in collecting customer information means that the mobile phone is fast becoming the de facto form of identification, an authentication method assumed to be "secure enough", because it's an encrypted comms channel.

I work for a company who won't let you set up an account if you don't have a mobile. How many times have you received authentication or activation PINs via SMS? Or even just private notifications about upcoming appointments, etc? Your phone has become a direct communications line to you, equivalent to mail being sent to your house. And assumed to be as secure, it's assumed that nobody else will answer your phone.

In this vein, there's a new scam on the rise. It was reported on boards recently and someone I work with was hit with it last weekend.

Basic rundown is this:

1. Your online banking details are obtained. This could be malware on your PC or phone. Or simple ID fraud and social engineering by going through your bins.

2. Your banking habits are monitored. The scammers keep an eye on things like how much money you have, when you get paid, when you pay big bills, etc. The want to find the time that you have the most money sitting in your account.

3. On the day they pick to strike, they steal your mobile phone number. Not by taking your phone, but either by transferring the number to a different SIM or by initiating a port to a different network. This can be accomplished either by having an inside man with the network, or more likely by social engineering; pretending to be you. The porting process is particularly vulnerable to this kind of fraud.

4. Once your number has ported, your phone goes dead. It will say "service error" or "no network" or something. The scammers have control of your phone number.

5. While you're scratching your head and playing around trying to get your phone to work, the scammers have added themselves as a beneficiary on your account, using the PIN sent to your phone number, and transferred the maximum amount out of your account. Timing is deliberate here; they know when the bank rolls over their daily counter and transfer the maximum amount just before the reset, and then once again after the reset. Your account is emptied in about 15 minutes.

6. By the time you've regained control of your phone and logged into your online banking again, your money is gone, hours ago.

You will get your money back, eventually. But it's days of pain. And it tends to happen on or around the weekend when banks and individuals are less likely to be checking their account and/or phone.

So aside from the obvious things like keeping your information safe and watching your computer for viruses and malware, it's one thing to remember - someone who has control of your phone can literally pretend to be you. When your phone rings and the caller display says, "John Doe", you assume that John Doe is calling. So does everyone else, banks, utiliies, government departments.

If your phone goes dead (i.e. No Service, network error), the first thing you do is restart it. Because let's not jump the gun. If that still doesn't work, then lock out your online banking account by entering your details wrong however many times. On a smartphone you will still have WiFi access even when the SIM is dead..

Then ring your bank. Tell them you suspect someone is trying to access your account fraudulently. They have processes for this kind of thing and they can block all outgoing payments and work with you to change and secure your banking details.

If it's a false alarm, it will be far quicker to unblock your bank account than it is to get your money.

Then start working on getting back your phone number.

Tar.Aldarion

Getting a lot of fake emails pretending to be BOI, especially about their online service and about transfers I've supposedly did, and click here if there is some problem. I dont even have a BOI account, TSB seem to be quit diligent, if I spend or move money in any non normal way they call me.

despot

Banking apps.

Not even once.

darkpagandeath

So when did using the Internet/apps on a phone stopped people from having common sence ?