Recently, the Brazilian media reflected the developments associated with the leak of conversations involving members of the high echelon of the government and the national judiciary. This issue rekindled the concern about data privacy, especially when it comes to the use of social networks and applications, for the most varied purposes, increasingly inserted in people’s daily lives.
Because of these cases, which generated great repercussions on the national scene, the Brazilian government is even planning the creation of its own application for communication and using only encrypted cell phone, preventing theft or leakage of information.
But how can we, ordinary users, protect ourselves from leaking conversations, data theft and other types of cyber threats? Below, we’ve separated some tips and information to assist application users in this mission.
How do crackers act?
Spying or hacking an operating system, whether Android or iOS, via a smartphone, is not an easy task. It is necessary that the cracker has specialized skills and tools and that the victim collaborates by not following basic safety principles.
Always be aware of strange behavior when using phones and applications, as they can indicate that it has suffered some type of attack and your data may be at risk. In apps such as Whatsapp and Telegram, for example, be aware of the following behaviors: the application asks you to re-login frequently, conversations with unknown people, messages disappear for no reason, appearing or being viewed without your knowledge.
This usually happens when the user clicks on malicious links or allows the installation of unknown applications, which start to collect confidential information and even control smartphone features and applications without permission.
In some cases, such as the conversation leaked between Minister Sérgio Moro and Attorney Deltan Dallagnol, the cracker used advanced features to intercept messages, and to gain access to the communication application used by those involved. Certainly, this type of action does not occur very often and it is also not an attack type aimed at “conventional” users, but the case is interesting to illustrate the level of specialization of attacks today.
How to be protected and avoid conversations and information to be stolen?
If you want to take less risk and protect your data, some basic tips can help you stay safe:
- Keep operating system and applications always up to date;
- Enable the two-step verification option in the applications;
- Lock your cell phone screen so that it is not easy for anyone to access it;
- Do not enable the display of notifications and snippets of conversations on the smartphone’s lock screen, as this makes it easy for anyone to see your messages;
- Never click on suspicious links and promotions. These are the most common means of installing malicious applications on your device;
- Avoid keeping sensitive data on your smartphone, including personal photos, documents and other items whose loss causes major inconvenience;
- Do not store files with access credentials (login and password) from banks and other applications on your cell phone, use specific tools for this purpose;
- Be very careful with public Wifi networks. It is possible that they have security flaws that make it possible to intercept the data that travels through it (in these cases, choose to use your data plan);
- Do not respond to unknown numbers and suspicious messages. In some cases, it is enough for you to answer for the criminal to have access to your data;
- Pay attention to “social engineering”, a very common term nowadays. Avoid passing on data to unknown people who make contact with you via cell phone and also avoid exposing too much information about yourself and your routine on social networks.
Como proteger sua empresa e funcionários?
How to protect your company and employees?
In the case of a company, leaks and information theft can bring even greater losses. Therefore, much more than educating its employees to apply good practices for the use of mobile devices and technological resources, in general. It is also important that the company uses mechanisms, such as antivirus, firewall and other resources to maintain the level of security of the business.
It is important to protect the data flow that travels on corporate networks, to maintain backups of applications and important information, using solutions capable of acting in the main layers of the corporate structure that require protection.