Skip to main content

Tips to secure mobile phones from threats.


Mobile phones are widely using a telecommunication device for information transitory. Even though if you are using mobile phones for personal usage, it can be attacked by most security violations too. Moreover, some threats can be happened with or without our knowledge. Hence our mobile phones similarly should be protected as our computers. So here some tips to block mobile attacks that would be useful to you.

Wi-Fi
  • Do not allow your phones to auto connect with unknown Wi-Fi networks connections.
  • Turn off your Wi-Fi connection when are not using it.
  • Do not send sensitive information via Wi-fi, until you know it is secure.
Bluetooth
  • Turn off Bluetooth auto pairing
  • Turn off the connection when you do not need. 
Apps
  • Never download an app from browser except from your mobile official store (play store/ app store).
  • Do not allow access permission unless you trust it.
  •  Keep them updated to ensure the security of the application.
  •  Take a moment for app review. Do not download when it has many bad reviews.


Browser
  • Never save your login credential in a web browser.
  • Always pay attention to URLs.
  • Do not click links, unless it seems secure.


System
  • Never use a weak password.
  • Avoid using Device without passwords.

Smishing (phishing via SMS)
  • Do not use the links which asks your information that seems not needed.
  • Never click on an unknown link which you receive from email and SMS. Eg: the message which says that you got a gift.
  • Delete email and SMS from unknown senders.
Vishing (phishing via voice)
  • Do not response the telephone calls, which asks your financial detail, unless confirming it from an associated organization.
  • Install software that confirms whether it is fake websites or not.

"Treatment without prevention is simply unsustainable" - Bill Gates



-     

Comments

Post a Comment

Popular posts from this blog

Change Language in Google Account

When we create an email address, sometimes we do not consider the language preferences. Afterward, when we log in to a google account, context will be shown as unfamiliar. So we can change the language preferences of google account by following steps.  1.  Click on the Google profile and select google account 2.  Select data & personalization settings. 3. Scroll down and go to general preferences for the web. And click language. 4. If you need to change the default language, click on the pen sign. 5. If you want to add more languages, click on add other languages.
Post a Comment
Read more

Synchronizer Token Pattern

Synchronizer token pattern is one of the prevention methods for Cross-Site Request Forgery ( CSRF ). It uses a value called CSRF token which is unique for a session identifier. When the user login to a website, the server generates a random value called token for a particular session. The token is saved on the server as well as the browser (after obtained from the server). PHP identifies the session using the session variable ‘PHPSESSID’ which is also stored in the browser as the cookie to identify a particular session. The server validates the user when each request is made, via comparing the token value in the server and token value in the browser. Through this write up how synchronizer token pattern is implemented and how does it works will be described.  (Click on the images to view clearly) Source code of the implemented program can be downloaded from here .  I have implemented a login page called index.html to enroll a user to the server. T...
Post a Comment
Read more

CSRF - Cross Site Request Fogery

Cross-site request forgery (CSRF) is an attack where the legitimate user trapped by an unauthorized user to perform an unintended task to a website where they are authenticated. Since HTTP is a stateless protocol, cookies are used to validate the request agent. Once the user login to a website, it will not require to type the username and password for each attempt. Hence, for the server to identify the user, the server generates a session identifier and sends it as a set-cookie header to the client browser with the very first response. The cookie set by the server will be saved in the client browser and, the cookie will be sent along with every request made to the server (Where the domain and path are matched). However, the server does not check any other attribute but session identifier. Although the request is made from another client, the website only verifies whether the requesting user is already authenticated or not, using a cookie. For example, if a person logged in...
Post a Comment
Read more