The cyber threat landscape is rapidly evolving. It is becoming more sophisticated and impacting individuals and businesses alike. To help you stay one step ahead of cybercrime, we’ll be exploring a different aspect of cyber security each month in 2025 as part of our bitesize series.
This month’s focus is on how to secure your personal devices.
Which personal devices are at risk?
Did you know that approximately 60% of the global population (4.88 billion) use smartphones as of 2024? [1] Some people even have multiple phones. In fact, there were 7.21 billion smartphones in use globally in 2024.[2]
Nowadays, we walk around with a goldmine of personal and corporate data in the palm of our hands. This isn’t just limited to our mobile phones but includes tablets, laptops, and even external drives.
Consider the sheer amount of personal data stored in your devices. Bank account details, e-mail, social media, text messages and photographs. All of these can help a cybercriminal get direct access to your information and potentially use it to steal your identity, impersonate you and steal others’ information too.
The risks of smart technology
Have you ever heard of the Internet of Things (IoT)? This term refers to a collection of physical devices including vehicles and appliances, that collect and share data through network connectivity.
How many smart devices do you have in your home? Think video doorbells, smart displays, smart thermostats, home security cameras, baby cams and even robotic hoovers! Although hugely beneficial in some ways, all of these items pose security threats.
The risks of not securing your personal data
Failing to secure your personal data can leave you vulnerable to cyber-attacks. Once someone gains access to your personal data, you have no control over it. It could be shared and distributed to anyone, used to blackmail you or even to commit illegal activities.
How to secure your personal data
Step 1 - Lock down your device
Protect your device by using a strong PIN number or password. If available, we recommend installing biometric security measures to make your security more robust. This includes fingerprint identification, facial recognition, and even voice recognition. Biometric security is difficult to impersonate, so is considered a better defence.
Step 2 – Ensure you install the latest updates
Did you know failing to update software, including your apps, could leave you exposed to a cyberattack? Updates don’t just unlock new features, they also include essential security patches to fix bugs or newly discovered vulnerabilities, which are crucial for keeping your devices safe.
To ensure you have the most up to date security on your device, update your software/apps when prompted. Some apps will even allow you to enable automatic updates. The Government’s ‘Stop! Think Fraud’ campaign highlights that this is one of the quickest and easiest ways to prevent your device from being hacked.[3]
Step 3 – Only download software from brands you trust
We recommend only downloading software from brands you trust. Even if you are sent a link from the brand itself, search for it directly on your app store or from the software’s official website in case someone is impersonating the brand and attempting a phishing attack.
Step 4 - Disconnect from features when not in use
Many devices come with various features, such as Bluetooth, Location, and Wi-Fi, that are often left on. However, these features can leave you vulnerable to a cyberattack. If your device has any of these features left on, it can offer an unprotected point of access for opportunistic criminals. We recommend that you turn them off when you don’t need them to avoid this.
Additionally, where possible, avoid connecting to public Wi-Fi, as it is not secure. When you connect to public Wi-Fi, others on that network can see what you access, leaving your data vulnerable to hackers. If you have no choice, use a VPN to encrypt your connection and limit the sites that you visit (in particular, avoid sites that hold sensitive information.)
Step 5 – Back up your phone
Consider backing up your data onto an external hard drive and deleting non-essential data from your device. That way, you are limiting the information that you have stored on it at any given time, keeping it away from cybercriminals.
Step 6 – Ensure you can track and wipe your device
Whether you have an Android or an iPhone, utilising the ability to lock down your phone remotely is key for keeping your personal data secure.
Consider enabling your phone’s ‘remote wipe’ feature, if available, so that if your device is stolen or lost, you can limit the amount of data available if it gets into the wrong hands.
Another feature that can prove beneficial if your device is lost or stolen is the ability to track it. Take time to investigate the options available to you based on your device, and if necessary, use a mobile device management software to set up this invaluable feature.
Step 7 – Install anti-virus and malware protection
Installing anti-virus and malware protection on your device is an essential step in your line of defence against cybercriminals. If you ever suspect that your device has been hacked or corrupted, you can run a scan which will detect, and quarantine, any malicious activity on your device[4].
Step 8 – Keep up to date with the latest cyber threats
Have you heard about the latest cyber threats? Juice jacking? Quishing? It’s important to keep up to date with new developments that could pose a threat to you. Sadly, in this realm, ignorance is not bliss, so let us clue you in on a couple of things to be aware of.
Firstly, ‘Juice jacking’. You’ve likely seen charging stations for portable devices popping up everywhere in recent years. Think airports, shopping centres, eateries and entertainment venues. Cybercriminals have latched on to these and can ‘infect’ charging stations, so once you plug your device in to charge, you’re transferring your data straight over to the hackers.
Or you may come across ‘Quishing’, where cybercriminals corrupt QR codes. One example of this in action is at parking meters. Often, you will be directed to pay online for parking by your phone using a QR code. However, in some cases, cybercriminals replace the real QR codes with fake ones, taking you to a fraudulent website. They can then prompt you to enter your bank details and set up a fraudulent subscription service to take payments from your bank.
To avoid this, we recommend typing in the URL manually and checking it has a padlock symbol to verify it is secure. Or use the verified parking app indicated on the parking metre. To make matters worse, if you do fall victim to this, not only could you have been scammed but you may also be subject to a parking fine.
Step 9 – Dispose of old personal devices securely
29% of adults admitted that they do not know how to erase data from their old devices securely.[5] Check out the first article in our bitesize cyber series, How to dispose of old devices without leaking data, where we will walk you through exactly what you need to do, giving you peace of mind that no-one will stumble across your data.
Worried about cyber-crime?
When it comes to cyber-crime, many SMEs don’t have sufficient cyber insurance. But the reality is, the risk of cyber-crime to your business far outweighs many other risks that you would cover for without a second thought. It’s time to get real about the risk of cyber-crime. Speak to your usual Towergate advisor to find out more.
About the author
Alison Wild BCom (Hons), FMAAT, MATT, Taxation Technician is a highly respected industry professional who has been working with and advising SMEs in areas including tax, pensions, insurance and marketing for over 25 years. She is a Fellow member of the Association of Accounting Technicians (AAT) and Association of Tax Technicians (ATT) and also has 20 years' experience as a residential landlord.
Sources
[1] prioridata.com/data/smartphone-stats
[2] prioridata.com/data/smartphone-stats
[3] stopthinkfraud.campaign.gov.uk. Keep your software and apps up to date - Stop! Think Fraud
[4] ncsc.gov.uk/guidance/what-is-an-antivirus-product
[5] ico.org.uk/about-the-ico/media-centre/news-and-blogs/2024/12/14-million-people-don-t-know-how-to-erase-their-data-from-an-old-device
Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems we recommend that professional advice be sought
