Mobile Privacy & Cyber Crime Awareness

Cheatsheet Content

Understanding Mobile Privacy Definition: Control over personal information collected, stored, and shared by mobile devices and apps. Importance: Prevents unauthorized access, data breaches, identity theft, and targeted scams. Common Mobile Cyber Threats Phishing: Fraudulent messages (SMS/email) to trick users into revealing sensitive data. Malware: Malicious software (viruses, spyware, ransomware) installed via apps or links. Unsecured Wi-Fi: Public networks can be intercepted, exposing data. App Permissions Abuse: Apps requesting excessive or unnecessary access to device functions/data. Identity Theft: Attackers use stolen personal info for fraudulent activities. Data Breaches: Large-scale compromise of data from services you use. Essential Privacy Settings & Practices 1. App Permissions Management Review Regularly: Check what each app can access (Location, Camera, Microphone, Contacts, Storage). Grant Sparingly: Only allow permissions essential for the app's core function. Location Access: Set to "While using the app" or "Ask next time" instead of "Always." Microphone/Camera: Be highly restrictive; deny if not absolutely necessary. Sensitive Data: Restrict access to contacts, photos, and messages unless critical. Path (Android): Settings > Apps & notifications > App permissions. Path (iOS): Settings > Privacy & Security. 2. Location Services Disable When Not Needed: Turn off GPS/location services when not actively using navigation or location-based apps. Precise Location: Disable for apps that don't require exact coordinates. System Services: Review system services that use location (e.g., "Find My Device," "Emergency Calls"). 3. Security Settings Screen Lock: Use strong PIN, pattern, fingerprint, or facial recognition. Biometrics: Enable fingerprint/face unlock for convenience and security. Two-Factor Authentication (2FA): Enable for all important accounts (email, banking, social media). Automatic Updates: Ensure OS and apps are set to update automatically for security patches. Find My Device: Enable and configure for remote wipe/lock in case of loss/theft. Encryption: Most modern phones encrypt data by default; verify it's enabled. 4. Network & Connectivity Wi-Fi: Avoid public/unsecured Wi-Fi for sensitive transactions. Use a VPN on public Wi-Fi. Disable "Auto-Join" for unknown networks. Bluetooth: Turn off when not in use to prevent unauthorized connections. Avoid pairing with unknown devices. VPN (Virtual Private Network): Use a reputable VPN for enhanced privacy, especially on public networks. 5. Browser & Account Settings Browser Privacy: Use privacy-focused browsers or enable privacy settings (e.g., "Do Not Track," block third-party cookies). Clear browsing history and cookies regularly. Ad Tracking: Limit ad tracking in device settings (e.g., "Limit Ad Tracking" on iOS, "Opt out of Ads Personalization" on Android). Account Sync: Review what data is synced to cloud accounts (Google, Apple, etc.) and restrict sensitive info. 6. Messaging & Communication End-to-End Encryption: Use apps that offer E2EE for private conversations (e.g., Signal, WhatsApp). Link Clicks: Be wary of clicking suspicious links in messages or emails. Unknown Senders: Do not open attachments or click links from unknown or suspicious senders. 7. App & Data Hygiene Delete Unused Apps: Remove apps you no longer use to reduce potential attack surface. Backup Data: Regularly back up important data to a secure location. Factory Reset: Perform a factory reset before selling or donating a device. Recognizing & Responding to Threats Suspicious Activity: Unexplained battery drain, slow performance, pop-ups, unusual data usage. Phishing Indicators: Generic greetings, urgent tone, spelling errors, suspicious links, requests for personal info. If Compromised: Disconnect from network (Wi-Fi/mobile data). Change all passwords immediately (especially email, banking). Run a reputable mobile antivirus scan. Report to relevant authorities/service providers. Consider a factory reset as a last resort.