In today’s society, it can be said that cybersecurity is closely related to every citizen. Nowadays, a mobile phone can make the road congestion situation clear at a glance, and you can buy pretty much everything without leaving your home. However, many technological innovations rely on the massive collection of user data, which explains why once we have searched for one particular product, we will be constantly harassed by all kinds of advertisements for that product type. The arrival of the big data era is strong and irreversible, with increasing information disclosure incidents, society is paying more and more attention to internet security issues.
Smart Phone Apps
Many mobile apps require various permissions such as “access to the contact list”, “access to the microphone”, “access to the camera” and so on. Such force the user to inadvertently hand over control of the mobile phone to the app. This is not necessarily harmful to the user’s privacy, but it can be threatening.
The Jiangsu Consumers Association has inspected more than 100 mobile phone apps; 79 could obtain rights to the user’s location, 23 could send text messages directly to contacts on the phone, 96 could send messages at will and 14 could monitor the phone conversation and terminate it. Even more frightening is that these permission acquisitions are done unconsciously. While some of these sensitive permissions that are over-acquired are the result of users not carefully reading the instructions and granting them; others were more discretely, and illegally acquired.
So how do we detect if our mobile phone is being monitored? Since many application enable permissions are set to open at the phone’s startup, they are always open in the background, so their power consumption will be relatively large. In addition to checking the power consumption of apps, you can also see if there are suspicious programs that are self-starting and running in the background. In addition, you can also turn off the developer mode on your phone to partially block viruses such as Trojans. Most importantly, it is always best to only download apps from the store of the phone’s manufacturer, not a third-party app store.
Phishing Websites
Phishing websites are often spread by spam, instant chat, text messages or fake advertisements on websites. For example, in the name of “Company Anniversary”, “Lucky Audience”, “Low-cost Air Tickets”, “Mobile Phone Top Up Discount”, etc., the user is tricked into filling out online forms with ID card numbers, bank accounts and other information. They also tend to imitate Alipay, online banking and other well-known websites in their attempts to infiltrate user accounts.
Therefore, be sure to pay attention to the details of websites; colour, content, links and so on. It is also important to beware sites that have been flagged for blacklisting; a secure browser will prompt as to the security threat. Moreover, the address of any payment-related website should start with “https”, while there are also icons such as locks in the address bar. Do not blindly believe in the recommendation of search engines, and do not click links in emails, WeChat, Weibo, or text messages, especially those with short addresses. Finally, we also need to carefully identify the address: For example, ICBC’s website icbc.com.cn can easily be misidentified as lcbc.com.cn, while www.microsoft.com can be confused with ww-w.Incrosoft.com.
Free WiFi
Many public WiFi now have no password and users can connect at will. Yet, there is the possibility that such WiFi networks have been built by a hacker. After the user connects to the WiFi, the hacker can not only read various private information and files on a phone without the user’s permission, but also remotely control apps such as camera, microphone, etc.
Therefore, it is important to carefully identify and confirm the hotspot’s name and password with the Wi-Fi provider. If absolutely necessary, try not to use passwordless hotspots for shopping, online bank transfer, or anything involving entering sensitive personal information, etc. VPNs also provide an additional level of security. Lastly, avoid auto connecting to previously used WiFi networks to prevent the phone from inadvertently accessing the “evil twins” of legitimate Wi-Fi hotspots.
QR Codes
Due to the fact that QR codes are very easy to make, the security traps associated therewith are virtually endless. The most well-known example is shared bikes. Users need to scan the QR code on the bike in order to use it, but if another QR code (one designed to look almost identical) is pasted over the original, when a user scans the fake QR code, it is very likely that their personal information is at risk.
Therefore, in daily life, be sure to be vigilant against various QR codes on the street. Do not scan QR codes from unknown sources, and don’t hesitate to ask a merchant to confirm the authenticity of the QR code. When scanning a payment code or making your phone available for the vendor to scan, remember to cover the phone screen while opening the QR code payment interface and try not to let others have the chance to scan the payment interface. Using fingerprints and face verification instead of passwords is also recommended.
Telecommunications Fraud
When receiving strange calls related to money, most people are cautious. But what if you receive phone calls from official phone numbers, such as 10086, 110 or 120?
In real life, hackers will often use such a method to disguise their phone number. We can be vigilant by hanging up immediately should the caller want to talk about bank cards, transfers, accounts, etc. Perhaps they may also send “winning” information to you through QQ, email, etc., so that you take the initiative to contact them, leading to them asking for money for postage, tax, etc. It is also possible that they may hack QQ or email accounts, to then contact the owner’s parents or friends, claiming an emergency and that the account owner is in need of money.
Face Recognition
With the rise of verification by facial recognition, the “Face Swap” system can automatically recognise a face and reveal possible personal information such as gender and age. Yet, the the system can easily change any face to that of another person, and then there are the abundant claims that such face recognition is equally likely to pass verification.
These six traps are just the tip of the iceberg, while we will all of us encounter many more, often unwittingly, sometimes not until it is too late. With the rapid development of future technology and the influence of the internet era, such means are varied and change with each passing day. Vigilance therefore, remains key.
