Now more than ever your Smartphone is your #1 computer, most people use it more then any other computer.
That’s why it is the #1 target for hackers today, especially now that digital funds are so EASY to steal for people everywhere. There are hacker all over the world mobilizing to attack smartphones very aggressively now and in 2018 like you’ve never seen before.
Now let’s break these section up into two parts, Part #1 about securing your smartphone as best as possible & Part #2 how to ensure your mobile phone provider is secure so that your phone can not be easily ported over to another phone by someone.
Part #1: Securing your Smartphone
First your Smartphone will never be SECURE so let’s adjust how we use our smartphones. I don’t think you will be holding 1+ BTC in a wallet on your smartphone anymore. Think of your smartphone as your wallet, something you could lose and live without. All you need is a good recovery plan to ensure it’s a smooth restoration of services if your phone were get lost or stolen.
For most clients I tell them this, if you want to play games, download apps, surf porn, videos and let you kids use your phone – DON’T put one crypto-currency related app or drop of digital data on that device. I advice clients to get seperate mobile devices just for crypto-currencies & on-top of that I also get them a cheap backup smartphone device ( Costco sells a nice Acer smartphone for $100 ).
Smartphone #1: Your family phone, this is where you keep all your personal life, apps, photos, videos, etc.
Smartphone #2 (Financial Device): This is dedicated to your crypto-currency ventures, your secure crypto profiles / presence include SMS#. We keep games and any other apps off this device, if you want to try new apps and screw around do that on your Smartphone #1 device.
Smartphone #3 ( Backup Air Gap Device): This device is a backup for your 2FA and wallet apps but never is connected to WiFi (internet) & secondary SMS# for confirmation. Never install anything but the bare minimum of apps on this device & never check email with this device.
Part #2: Securing your Mobile Phone provider
The most recent bitcoin hacks that occurred in mid-2017 were are based on the ability of someone to call your smartphone provider and port your phone over to a new device.
This would be similar to you going into a Mobile provider, saying you lost or had your phone stolen – you buy a replacement and they port your new phone and connect it your phone number. Now all calls and text message arrive on your new devices making your old device useless. The worst is no one would know their devices was hacked or ported until their funds were drained or email passwords changed.
Identity Thieves Hijack Cellphone Accounts to Go After Virtual Currency
Safeguarding against phone porting
Hackers Are Hijacking Phone Numbers And Breaking Into Email, Bank Accounts: How To Protect Yourself
What Mobile Providers are saying about Port hacking?
AT&T offers a feature they refer to as “extra security.” Once activated, any interaction with AT&T, whether online, via phone, or in a retail store will require that you provide your passcode. You can use your AT&T online account or the myAT&T app on your mobile phone to turn on extra security(link is external). Note, that when you login online with your passcode, you may be presented with the option to not be asked for it again. Do not accept this option or you will disable extra security.
Sprint asks customers to set a PIN and security questions when they establish service with Sprint, so no additional steps are needed to use this feature.
T-Mobile allows their customers to establish a customer care password on their accounts(link is external). Once established, customers are required to provide this password when contacting T-Mobile by phone. To establish such a password, customers can call T-Mobile customer service or visit a T-Mobile retail store.
Verizon allows their customers to set an account PIN. Customers can do this by editing their profile in their online account, calling customer service, or visiting a Verizon retail store. This PIN provides additional security for telephone transactions and certain other transactions.
Using this extra password or PIN is a good idea and should help reduce your risk of mobile account takeovers. However, it does not offer complete protection, so make sure you remain alert for phishing attacks, protect your financial account information, and examine your mobile phone and credit card bills carefully every month for signs of fraud. If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.