5 smartphone security fixes to keep your data safe from hackers, scammers and advertisers

Go anywhere online and it feels like someone is watching. That’s because, well, they are.

Tips to keep your laptop, tablet and smartphone safe while traveling this summer



Did you know there’s a secret mobile advertiser ID on your smartphone that knows where you live and what you’ve shopped for online recently? It can easily be traced directly to you and reveals things like your physical address and IP address.

a sign above a store: Public charging stations at places like airports and coffee shops are handy but they also put your data at risk.

© Wittayayut/Getty Images/iStockphoto
Public charging stations at places like airports and coffee shops are handy but they also put your data at risk.

And that’s just one of many trackers, IDs, maps, and settings collecting your info. More often than not, this data is packaged up and sold to the highest bidder. (Sorry, you don’t get a cut.)


Load Error

Start the day smarter. Get all the news you need in your inbox each morning.

If you want to get serious about security, you’ll have to go beyond the usual steps.

1. Turn on USB restricted mode

Ever charge your Apple device in a public place, on a plane or at work? You need to turn on USB restricted mode. It helps to prevent hackers from “juice jacking” your device by installing malware or stealing information through the USB charging port.

How to do it: To turn on USB Restricted Mode, select Settings > Face ID & Passcode > type in your passcode. Scroll down to the section called “Allow Access When Locked,” and make sure the option called “USB Accessories” is toggled off.

Public charging stations at places like airports and coffee shops are handy but they also put your data at risk. If you’re going to be out long enough for your device to run out of power, consider getting your own external power bank and juicing it before leaving your home. If you must use a public charging station, think about picking up a USB data blocker that stops malware from entering your device or bring along your own external battery charger.

2. Auto-erase data


Small firms are big targets for hackers: Engage

While big cybersecurity events dominate the news — most recently the Colonial Pipeline and JBS breaches — cybercriminals are also targeting smaller businesses, and small to midsized accounting firms need to be aware of how to protect themselves.

Cybercriminals often use social engineering to get into systems. These phishing attacks can take the form of bogus emails from “colleagues” enticing users to pass along sensitive information, or hand over passwords.

One of the most important things firms can do to avoid becoming the target of a breach is employee training, said Roman Kepczyk, director of firm technology strategy for Right Networks, during a session at the AICPA Engage 2021 conference this week in Las Vegas.

“What I see at firms when discussing these threats, sometimes, is partners and staff just roll their eyes — it’s led to what we call breach fatigue,” he said during his session at the conference. “And so what I encourage my firms to do is random pop-up training and sessions, which can be done with products like KnowBe4, a phishing testing company that does random spot testing and training on different cyber topics so awareness remains top of mind.”

The stresses, confusion and workplace changes related to the ongoing COVID-19 pandemic have naturally led to spikes in cybercrime, because companies and individuals are desperate, tired, and therefore easy targets to be tricked. Other high-spike times are holidays, like Christmas or Thanksgiving, for the same reasons.

Even though it seems simple, staying on top of the little things can make a significant difference to data safety at a firm, Kepczyk explained. Make sure staff don’t stick passwords onto their laptops, or leave their computer programs or even office doors propped open, for example. He warned against stepping away from your screen even for a minute without locking it, recounting a case where firm staff got emails from the managing partner telling them not to come in the following week — which turned out to be a prank from someone who had come in after hours and noticed the managing partner’s computer had been left open.

“We also recommend that you reboot your computer daily,” he said. “At…


Turn off, turn on: Simple step can thwart top phone hackers

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

RICHMOND, Va. — As a member of the secretive Senate Intelligence Committee, Sen. Angus King has reason to worry about hackers. At a briefing by security staff this year, he said he got some advice on how to help keep his cellphone secure.

Step One: Turn off phone.

Step Two: Turn it back on.

That’s it. At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is – turning a device off then back on again – can thwart hackers from stealing information from smartphones.

Regularly rebooting phones won’t stop the army of cybercriminals or spy-for-hire firms that have sowed chaos and doubt about the ability to keep any information safe and private in our digital lives. But it can make even the most sophisticated hackers work harder to maintain access and steal data from a phone.

“This is all about imposing cost on these malicious actors,” said Neal Ziring, technical director of the National Security Agency’s cybersecurity directorate.

The NSA issued a “best practices” guide for mobile device security last year in which it recommends rebooting a phone every week as a way to stop hacking.

King, an independent from Maine, says rebooting his phone is now part of his routine.

“I’d say probably once a week, whenever I think of it,” he said.

Almost always in arm’s reach, rarely turned off and holding huge stores of personal and sensitive data, cellphones have become top targets for hackers looking to steal text messages, contacts and photos, as well as track users’ locations and even secretly turn on their video and microphones.

“I always think of phones as like our digital soul,” said Patrick Wardle, a security expert and former NSA researcher.

The number of people whose phones are hacked each year is unknowable, but evidence suggests it’s significant. A recent investigation into phone hacking by a global media consortium has caused political uproars in France, India, Hungary and elsewhere after researchers found scores of journalists, human rights activists and politicians on a leaked list of what were believed to be potential targets of an Israeli hacker-for-hire company.

The advice to periodically reboot a phone reflects, in part, a change in how top…


Good guy hackers: St. Paul company uncovers companies’ cybersecurity weaknesses

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

Their mission this night: uncover cyber and infrastructure security weaknesses at Intereum, an office furniture supply company. 

“We worked with this organization to do what we called penetration tests,” said Matt Quinn, Intereum’s vice president of integrated solutions. “They worked on trying to get through the perimeter, through the physical parts of the building … we also had them take some steps around cybersecurity, vulnerabilities.”

“Show you, yep, we were able to get through this door, we were able to bypass this censor,” Halbach said. “And at the end of the day we plugged into your network and took it over.” 

The idea is to beat cyberthieves at their own game before an actual ransomware attack or other threat. 

“Try to look at any available computers that they could get through,” Quinn explains. “Try to get on to our network, once they got into the building, as well as continue just to snoop around where our servers are, just to see if they could get access to our network.”

The team is made up of two parts: One company, RedTeam Security, zeros in on computer systems. Their partner, FoxPoint Security, accesses the building itself. 

“The more integration we have with our networks to our physical locations, the more ways there are to compromise it,” said Bryan Carver, a FoxPoint spokesperson. “If a building per se has a security network that locks the doors, or unlocks the doors, people, property, or operations could be held hostage.” 

“Because if you have the most secure computer network in all the world, but your door’s unlocked and anyone can walk in and steal your laptops, that’s a pretty big issue,” Halbach added. 

Within minutes, both teams are inside — although they’ve triggered an alarm system. 

They quickly locate Intereum’s servers. Equipped with USB drives loaded with a custom code to remotely control the company’s computers, RedTeam finds an unlocked laptop that allows them access. 

“We actually had an employee transition at the time, and that computer was left open and available that evening,” Quinn said. “And, of course, they got access to it, and that, of course, would be a…