Is your phone being tracked? How to tackle mobile device privacy and security risks
We carry our smartphone around at all times, so if someone knows where it is, they know where we are. That’s not to mention all the personal and financial data we store and access on these devices; including log-ins to all of our online accounts. No one wants these to fall into the wrong hands.
There’s also a privacy risk from the large volumes of location and web browsing data that advertisers, social media companies and others collect via our devices. As the US government warned in 2022: “Businesses collect, use, and sell consumer data. But consumers may be unaware of how it's being collected and used and generally aren't able to stop its collection or verify its accuracy.”
By better understanding these risks, you can take steps to start minimizing them.
The Main Ways Your Phone is Tracked
Perhaps the most obvious way your phone could be tracked is via GPS. Many applications use this feature to monitor your location—ostensibly to improve the service they deliver. But what’s appropriate for a maps app may seem like overreach for, say, a game. Malicious or suspicious apps could abuse this feature to track your movements. Also, legitimate app developers could be breached, compromising historic location data.
However, even if you switch location services off on your iOS/Android device, there are ways for third parties to track you. These include:
Spyware and Malware
Malicious software installed on your device designed to monitor activities, including location tracking, is generally referred to as “spyware”. It exploits device vulnerabilities to function and is designed to operate covertly. Spyware could do anything from keylogging and stealing browsing info to recording audio and video, and taking screenshots. It could be unwittingly installed via clicking on a phishing link, visiting an infected web page (i.e. a drive by download), clicking on a malicious ad, or downloading a malicious app.
Cell Tower Triangulation
Your mobile operator will also be able to track your approximate location by analyzing your phone’s signal strength, as received by nearby cell towers. This data could theoretically be handed to law enforcement or government agencies.
Stingrays
Also known as “IMSI Catchers,” these mobile devices imitate cell towers and allow sophisticated threat actors and government agents to track the location and other data from nearby phones.
Wi-Fi and Bluetooth Tracking
Smartphones are constantly communicating with nearby Wi-Fi networks and Bluetooth devices. Some of these may be malicious and, if you connect, will seek to track your location and spy on your device. The risk is particularly acute in built-up urban areas with a large volume of overlapping networks and nearby devices. “Legitimate” tracking by retail stores and the like is mitigated by mobile operating systems, which use randomized MAC address to hide your unique device serial number. But as EFF warns, there are exceptions.
Web tracking
Visit any website on your phone and you’ll be tracked by the operator of that site (first-party tracking) as well as potentially shady third parties. They do so mainly via your IP address, HTTP cookies, web beacons and Canvas, as well as browser fingerprinting, and may want to know all about your internet activity.
Physical phone trackers
Physical trackers like Apple AirTag, Tile or Samsung SmartTag use Bluetooth and ultra-wideband (UWB) technology to track devices and display their location in apps such as Apple’s Find My or Samsung’s SmartThings Find. They could theoretically be used by abusive or controlling partners to discreetly monitor your movements, if slipped into a bag or pocket.
Signs Your Phone Is Being Tracked
Watch out for these warning signs that you’re under active surveillance:
Unusual Battery Drain
If your phone's battery is running down quicker than usual, it could indicate spyware or risky apps running continuously in the background. There’s guidance on how to check for iOS and Android.
High Data Usage
Excessive and/or unexpected spikes in data consumption may indicate that some malware or unknown application is continually sending your location data to a third party. You can check for this on Android and iOS devices.
Overheating
Mobile phones do get warm through overuse. But a persistently overheating device, even when not in use, could indicate unauthorized background activity.
Unfamiliar Apps
Tracking apps and/or spyware may disguise themselves as legitimate applications. It pays to take a look at your home screen once in a while to check if something doesn’t look right.
Strange Messages, Notifications and Symbols
If your device receives unusual SMS messages containing symbols or unfamiliar numbers, it could be that spyware is attempting to communicate with a third party. It’s also worth checking to see if the camera or mic on your Android or iPhone device has been activated by an app/spyware.
Unusual Devices
Look out for the presence of anything unusual in coat pockets or bag compartments. These small, slim physical trackers come in a variety of shapes and sizes.
How to Block Phone Tracking
The good news is that by taking a few simple steps, you can proactively head off any privacy and security concerns around device tracking. They include:
Reviewing App Permissions
Take time to regularly review the permissions you grant to your apps, especially those accessing location services. Revoke any that seem unnecessary, and vet new apps with more rigor.
Installing Trusted Security Software
Deploy antivirus/anti-malware software from a reputable security vendor to detect and remove potential threats, and ensure any future downloads are scanned and secure.
Avoiding Public Wi-Fi
If possible, don’t log on to public Wi-Fi networks as they may not be secured, making it easier for hackers to eavesdrop on your device. Some may even be lookalike hotspots that are actually malicious. If you must use them, be sure to download a virtual private network (VPN) first.
Keeping Your Device Updated
Ensure your device OS and any applications installed are up to date with the latest patches. This means they’re optimized for use and any known vulnerabilities have been fixed.
Staying Clear of Phishing Attempts
Be cautious of replying to any unsolicited emails, texts or social media messages. Never click through or open attachments in these, as they could contain malware.
Securing authentication
Use multi-factor authentication (MFA) alongside strong, unique passwords (ideally stored in a password manager) for all applications, and secure the device with a PIN code or password.
Downloading From Trusted Stores
Malware thrives in third-party app stores. So be sure only to install from the official Google Play/App Store marketplaces, and always check the reputation/reviews of a new app before downloading. Be aware of fraudulent websites pretending to be legitimate app stores.
What to Do If You Suspect Tracking
In a worst-case scenario, there are still a few steps you can take to minimize risk. Consider the following:
Perform a Factory Reset
This will remove most malware, including spyware variants. But be sure to back up any critical data beforehand.
Consult the Experts
Call your device manufacturer customer support if the issue persists.
Report to the Authorities
Unauthorized tracking is illegal in many jurisdictions. Reporting these incidents can help prevent further abuse and put you in touch with someone who could help with next steps.
Source - https://www.esetngblog.com/post/is-your-phone-being-tracked-how-to-tackle-mobile-device-privacy-and-security-risks
No comments:
Post a Comment