Pop culture fancy portraying hackers as evil geniuses, so it might seem that the average technology user would be completely helpless against them. In reality, most hackers are looking for easy prey and abuse very basic security flaws in our systems. You don’t need to hold a degree in IT to successfully protect your Android device from cyber-attacks. A little bit of diligence and common sense go a long way when it comes to cybersecurity.
Set hard to crack passwords
Humans are good at many things but coming up with strong passwords is not one of them. We’re so bad at it that millions of people use 123456, “password” or 11111 to secure their accounts. We tend to pick passwords that are easy to remember, like our child’s first name or our date of birth. Unfortunately, those are very easy to crack and expose you to cybersecurity threats.
Where the human brain fails, technology comes to aid. You can use a password generator to come up with hard to guess, unique passwords. A string of random letters, characters and numbers will protect your account far better than a popular one-word password.
It’s equally important to use a different password for every single account. LinkedIn, Kickstarter and Patreon are just a few among thousands and thousands of websites that suffered data breaches in recent years. Leaked email addresses and passwords can then be purchased in bulk on the black market. If you use the same password for all your accounts, it only takes one leak for hackers to have the universal key to your privacy.
Get a password manager
Naturally, remembering dozens of unique passwords is a mission impossible. To keep your passwords safe and organized you’ll need a password manager, like 1Password, KeePass or LastPass. It will allow you to easily retrieve all your passwords from any device with one master key. If you want to be extra safe, set a calendar reminder to change all your passwords every six months.
Download apps from reliable sources
One of the most dangerous things you can do is download software from unverified sources. An innocent-looking game with great reviews could give hackers backdoor access to your phone and all your data. Malware in apps varies from less harmful adware, which plants ads in the user interface, to the deadly Trojan virus that allows cybercriminals to access, change or delete your sensitive information.
To stay safe, always download software from trustworthy sources. Google Play, for example, has a verification process to weed out harmful apps. You can also use Play Protect, Android’s in-built malware detection, to scan your already installed apps for malware.
Back up your data
In case you fall victim to a cyber-attack where your data is stolen or damaged, you must all your information backed up. You can use Google Drive or an automatic backup app of your choice. If you’re using a password manager, your passwords and sensitive information is already securely stored.
Turn off suspicious app permissions
Some apps need access permissions simply to do their job: Instagram requests access to your gallery so you can upload photos and Skype needs access to your microphone to make a call possible. But in the world where most people don’t read terms and conditions before they click “agree”, application providers are known to sneak in some extra, often invasive, permissions to gain control of your data.
Access permissions you should look out for are making phone calls and sending SMS/MMS. If an app doesn’t need these functionalities to work, you should ask yourself why the developer included them. Some apps use automatic calls and texts as a scam to make money.
Other intrusive permissions are your precise GPS location, modifying SD contents, reading and writing your contacts and full network access. It’s up to your discretion to decide if access permission is genuinely needed for the app’s core functionalities. If you want to review which apps are allowed to do what, you can do this in settings. Head over to “Apps” or “Application manager”: you can view every app you have on your device and change its access under “Permissions”.
Get a good VPN app
Connecting to public Wi-Fi exposes your device to a whole range of cyber threats but an Android VPN curbs online risks by encrypting your internet traffic. Open Wi-Fi networks – at your local Starbucks, the airport or at the hotel – can be unencrypted, allowing anyone with basic technical knowledge to spy on your online activity and steal your sensitive information. VPN solves this problem by routing all your traffic through a safe, encrypted tunnel before anyone can see it. Instead of accessing the raw data, the attacker would see encrypted information that obscures what websites you’re visiting, what you’re doing there and what passwords you’re entering. It’s true that with time and effort data can be decrypted but most criminals are looking for a quick win.
The bad news is that hackers and cybercriminals have been abusing VPN’s popularity. There are hundreds of malicious VPN apps that sneak malware onto your device or track you and sell your data to advertisers. Especially the free VPN apps shouldn’t be trusted – the operational costs of maintaining a VPN service are high so it’s doubtful that the app is genuinely free. Most likely, you’ll be paying with your data.
Before you download a VPN app, make sure to do your research. Boring as it sounds, reading terms and conditions is the best way to find out if the provider has hidden intentions. Look out for services that collect and store your information or have intrusive app permissions. Once you get a VPN, you can also check if it fully encrypts your traffic by running a DNS leak test.
Keep your devices updated
Security updates are incredibly important for both apps and operating systems – they fix bugs that could expose you to cybercrime. With Android, you don’t need to check for new system updates, your device will automatically let you know when one is available. All you need to do is install it as soon as possible.