Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Holiday Shopper Beware: Smartphone Thieves Are Getting Smarter

It's beginning to look a lot like a mobile Christmas. Here are tips on how to keep your smartphone and data safe.

Black Friday is fast approaching, and soon malls across America will be filled with smartphone-toting shoppers--and smartphone thieves eye a bounty of opportunity.

There's no doubt holiday shoppers will be whipping out their smartphones more than ever before. They'll be keeping track of purchases with the Christmas Gifts List app, comparing prices with RedLaser, checking and re-checking dwindling bank account balances on their banking app, and even authorizing payments with Google Wallet on Android phones.

Smartphones galore, harried shoppers, crowded places, all make up an environment rife with theft. Even worse, thieves are getting better at plying their nefarious trade. Kurt Roemer, chief security strategist at Citrix Systems, has a few tips for staying safe this holiday season.

Lose Your Phone?

Your mind is swirling amid a throng of shoppers, your arms full of packages, and you need to take a seat: so you park it next to a fountain, lay your iPhone next to you--and in an instant a thief swoops in and swipes your smartphone. The odds of this scenario playing out are actually quite good.

Hopefully, you've done some preparation.

For starters, you'll want to enable and test the Find My iPhone service, which tracks iOS devices via GPS. You can log into the service from another computer and locate your phone while it's in transit or at the fountain where you left it. Either way, the frantic moments following a lost iPhone is NOT the right time to become familiar with Find My iPhone.

Make sure your phone is password protected, too. This is a simple preparation step, but it's surprising how many people don't use the password feature. On iPhones, accessing a corporate Exchange server requires the phone to have a password.

Savvy smartphone owners might think they'll be able to track down a stolen iPhone with Find My iPhone on their own without the IT department ever knowing. Or maybe they figure IT can remotely wipe corporate data and apps from the lost or stolen iPhone, which is possible with iOS, leaving them in the clear. Savvy? Yes. But thieves are savvier.

The Trail Runs Cold

After stealing a phone, a smart thief will pull the SIM card out right away, Roemer says. The phone stops communicating out on the network, which means IT can't remotely wipe it and services such as Find My iPhone won't work well. Later, the thief may jailbreak the phone and try to get information off it.

Thieves can also get a hold of a special box used by law enforcement in forensics that shields phones from all electromagnetic interference. A smart thief will throw a stolen phone into the box, where it can't be remotely wiped or tracked. Then the thief can look through the phone later, after the owner has stopped looking for it and IT has given up trying to wipe it.

"Go out and buy one of the boxes, it makes a good Christmas present," Roemer says, sarcastically.

Bottom line: If your phone is work-related, you better remove sensitive data before heading to the mall.

Thieves Turn the Tables

So you're in a crowded line. You finally get to a cashier, and whip out your credit card to pay for that Oakland Raider jersey you know she'll just love. The guy behind you is looking into his iPhone probably surfing the Web--or is he? Maybe he's secretly shooting video of you and your credit card number.

The same goes true for lines at ATM machines. Thieves will try to record your personal identification number and then follow you, looking for an opportunity to snatch your wallet.

The best way to protect yourself is to be mindful of your surroundings, as well as prepare for worst-case scenarios. Of course, this can be difficult for shoppers buzzing with holiday spirit and energy.

Oh, and one more thing: Keep a low-profile, so as not to put a target on your back.

"Don't flash the phone around," Roemer says.

Tom Kaneshige covers Apple and Networking for CIO.com. Follow Tom on Twitter @kaneshige. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Tom at tkanshige@cio.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Apple, Citrix, Citrix Systems, etwork, Facebook, Google, Laser
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Citrix Systems, consumer electronics, Criminal, Google, Kurt Roemer, legal, smartphones
Latest Blog Posts
Whitepapers
  • Bend or break: Flexible Policy
    DON’T. PANIC. Aligning business and IT needs has always been a challenge. Finding the right balance between ensuring the safety of sensitive data and enabling the free flow of information is increasingly difficult in today’s evolving regulatory and threat environment. Read on.
    Learn more »
  • Top 10 Mistakes in Data Centre Operations: Operating Efficient and Effective Data Centers
    For years, the data centre industry has accepted that human operational error, not poor data centre design or engineering, is the number one cause of data centre downtime. Now is the time for companies to evaluate their data centre operations programs. They must be able to clearly articulate operational requirements and design an operations program based on the risk profile of the data centre. However, the road to creating an industry-best operations program will not be easy, especially for those companies whose core expertise is not in business critical facilities. Read on.
    Learn more »
  • HP and Closed Circuit Print Security Podcast featuring Quorcirca
    Managing Security risks within Enterprise printing environments
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments