In today's digital age, our smartphones have become an extension of ourselves. They hold our personal information, financial details, and even cherished memories.

But what if this device, which some may consider a lifeline, becomes a gateway for criminals to access our lives?

Keiran Burge, a security consultant at Prism Infosec, is a professional hacker who tests the cybersecurity defences of large corporations.

He has identified five common mistakes that could allow him, or any other hacker, to infiltrate your smartphone within seconds.

1. Using Outdated Software

The first thing hackers look for when planning an attack is outdated software.

'Out-of-date software is a really big issue because, if the software has been updated, it's probably because there is a security issue,' Burge explained.

A professional hacker shared that using outdated software could make users vulnerable to hackers. Credit: William Hook/Unsplash

Software vulnerabilities are often quickly fixed by developers, but these fixes are also shared online through forums and hacker communities.

If you haven't updated your software to include the fix, cybercriminals can exploit these vulnerabilities to steal sensitive information or even take control of your device.

To stay safe, always ensure that your software is up-to-date. Regularly check for updates and install them as soon as they become available.

2. Reusing Passwords

Reusing passwords is another common mistake that can put your personal data at risk. If one site you use is compromised, it can give fraudsters access to your accounts.

Burge revealed, ‘As soon as a company is breached, there's usually a big database dump that gets put on the darkweb.’

‘There are going to be databases out there with user name and password combinations for your accounts,’ Burge added. ‘If you're reusing passwords, then any hacker can take that combination and use it to take control of another company.’

He advised against reusing passwords, as your account credentials can be stolen and resold on dark web marketplaces.

​

To protect yourself, use unique passwords for each account and consider using a password manager to keep track of them.

Last month, the global password manager NordPass shared the most common passwords in the country.

It’s important to note that it’s also a good idea for users to choose a distinct password with a mix of upper case, lower case, numbers and symbols.

3. Oversharing on Social Media

In the age of social media, it's easy to overshare personal information online. However, this can expose you to a range of attacks.

‘We can do almost anything to get into a company, but one of the tools we use is harvesting data from social media,’ Burge said. ‘We scour social media sites like LinkedIn to see what we can find.’

This not only risks exposing usernames that could be connected to compromised account credentials, but it also paves the way for a variety of other potential cyber-attacks.

Hackers can use this information to answer security questions or to convince your mobile provider to transfer your number to a new SIM card, a technique known as 'SIM swapping' or 'SIM-jacking'.

‘Once they have that, [they] suddenly have access to all the multi-factor authentication sites that the person is signed up to,’ Burge warned.

This may encompass accounts for work emails, online retail platforms, and even internet-based banking services.

To protect yourself, be mindful of the information you share online. Avoid posting sensitive information such as your date of birth, address, or answers to common security questions.

‘Everything you put up online you no longer have control over, and if you're unlucky and all that information links up, then you can get your identity partly stolen,’ Burge added.

4. Connecting to Unprotected Public Networks

With the rise of remote work, many people connect to public Wi-Fi networks in cafes or other public places. However, these networks often use 'open authentication', which means the data you send across the network is not encrypted and can be captured by anyone else on the network.

Open authentication implies that the data transmitted over the network remains unencrypted, making it possible for anyone else to intercept and capture it.

‘Someone could be sat outside a public Wi-Fi network and just listening in on what's being sent,’ Burge said.

Earlier this year, a frequent flyer almost had her online security compromised while connected to a public Wi-Fi at Sydney airport. You can learn more about that incident here.

To stay safe, always use a virtual private network (VPN) when connecting to public Wi-Fi. This will encrypt your data and prevent eavesdroppers from reading what you're sending.

You can learn more about VPN here:

5. Clicking on Suspicious Links

Phishing scams remain one of the most common ways people get hacked. According to the Australian Competition and Consumer Commission (ACCC), tens of millions of dollars are lost to phishing scams each year in Australia alone—and the figure is still on the rise.

These scams involve sending fake emails or text messages containing links to malicious websites or instructions to download harmful software.

To avoid falling victim to these scams, be vigilant of unexpected messages and avoid clicking on suspicious links or downloading unfamiliar files.

‘You need to be vigilant of anyone sending you something when you don't expect it,’ Burge stated. ‘Don't click on dodgy links, don't download dodgy files, don't fall into their trap.’

While smartphones have made our lives easier, they have also opened up new avenues for hackers to exploit. By being aware of these common mistakes and taking steps to protect yourself, you can reduce the risk of falling victim to a cyber attack.

Key Takeaways

• Cybersecurity expert Keiran Burge has revealed five common mistakes that could allow hackers to gain access to your smartphone within seconds.
  
• Mistakes include using out-of-date software, reusing passwords, sharing too much information on social media, connecting to unsecured public networks, and clicking suspicious links.
  
• Burge advises individuals to keep their software up-to-date, avoid reusing passwords, be cautious of what they share online, use a VPN on public networks, and avoid following suspicious links or downloading dubious files.
  
• According to the Australian Competition and Consumer Commission (ACCC), tens of millions of dollars are lost to phishing scams each year in Australia alone—and the figure is still on the rise.
  

What are your thoughts on these tips, members? Have you or anyone you know ever experienced a security breach on your devices? Share your experiences and tips in the comments below.

 

[Tygie]

In today's digital age, our smartphones have become an extension of ourselves. They hold our personal information, financial details, and even cherished memories.

But what if this device, which some may consider a lifeline, becomes a gateway for criminals to access our lives?

Keiran Burge, a security consultant at Prism Infosec, is a professional hacker who tests the cybersecurity defences of large corporations.

He has identified five common mistakes that could allow him, or any other hacker, to infiltrate your smartphone within seconds.

1. Using Outdated Software

The first thing hackers look for when planning an attack is outdated software.

'Out-of-date software is a really big issue because, if the software has been updated, it's probably because there is a security issue,' Burge explained.

View attachment 36539

A professional hacker shared that using outdated software could make users vulnerable to hackers. Credit: William Hook/Unsplash

Software vulnerabilities are often quickly fixed by developers, but these fixes are also shared online through forums and hacker communities.

If you haven't updated your software to include the fix, cybercriminals can exploit these vulnerabilities to steal sensitive information or even take control of your device.

To stay safe, always ensure that your software is up-to-date. Regularly check for updates and install them as soon as they become available.

2. Reusing Passwords

Reusing passwords is another common mistake that can put your personal data at risk. If one site you use is compromised, it can give fraudsters access to your accounts.

Burge revealed, ‘As soon as a company is breached, there's usually a big database dump that gets put on the darkweb.’

‘There are going to be databases out there with user name and password combinations for your accounts,’ Burge added. ‘If you're reusing passwords, then any hacker can take that combination and use it to take control of another company.’

He advised against reusing passwords, as your account credentials can be stolen and resold on dark web marketplaces.

View attachment 36540
​

To protect yourself, use unique passwords for each account and consider using a password manager to keep track of them.

Last month, the global password manager NordPass shared the most common passwords in the country.

It’s important to note that it’s also a good idea for users to choose a distinct password with a mix of upper case, lower case, numbers and symbols.

3. Oversharing on Social Media

In the age of social media, it's easy to overshare personal information online. However, this can expose you to a range of attacks.

‘We can do almost anything to get into a company, but one of the tools we use is harvesting data from social media,’ Burge said. ‘We scour social media sites like LinkedIn to see what we can find.’

This not only risks exposing usernames that could be connected to compromised account credentials, but it also paves the way for a variety of other potential cyber-attacks.

Hackers can use this information to answer security questions or to convince your mobile provider to transfer your number to a new SIM card, a technique known as 'SIM swapping' or 'SIM-jacking'.

‘Once they have that, [they] suddenly have access to all the multi-factor authentication sites that the person is signed up to,’ Burge warned.

This may encompass accounts for work emails, online retail platforms, and even internet-based banking services.

To protect yourself, be mindful of the information you share online. Avoid posting sensitive information such as your date of birth, address, or answers to common security questions.

‘Everything you put up online you no longer have control over, and if you're unlucky and all that information links up, then you can get your identity partly stolen,’ Burge added.

4. Connecting to Unprotected Public Networks

With the rise of remote work, many people connect to public Wi-Fi networks in cafes or other public places. However, these networks often use 'open authentication', which means the data you send across the network is not encrypted and can be captured by anyone else on the network.

Open authentication implies that the data transmitted over the network remains unencrypted, making it possible for anyone else to intercept and capture it.

‘Someone could be sat outside a public Wi-Fi network and just listening in on what's being sent,’ Burge said.

Earlier this year, a frequent flyer almost had her online security compromised while connected to a public Wi-Fi at Sydney airport. You can learn more about that incident here.

To stay safe, always use a virtual private network (VPN) when connecting to public Wi-Fi. This will encrypt your data and prevent eavesdroppers from reading what you're sending.

You can learn more about VPN here:

5. Clicking on Suspicious Links

Phishing scams remain one of the most common ways people get hacked. According to the Australian Competition and Consumer Commission (ACCC), tens of millions of dollars are lost to phishing scams each year in Australia alone—and the figure is still on the rise.

These scams involve sending fake emails or text messages containing links to malicious websites or instructions to download harmful software.

To avoid falling victim to these scams, be vigilant of unexpected messages and avoid clicking on suspicious links or downloading unfamiliar files.

‘You need to be vigilant of anyone sending you something when you don't expect it,’ Burge stated. ‘Don't click on dodgy links, don't download dodgy files, don't fall into their trap.’

While smartphones have made our lives easier, they have also opened up new avenues for hackers to exploit. By being aware of these common mistakes and taking steps to protect yourself, you can reduce the risk of falling victim to a cyber attack.

Key Takeaways

• Cybersecurity expert Keiran Burge has revealed five common mistakes that could allow hackers to gain access to your smartphone within seconds.
• Mistakes include using out-of-date software, reusing passwords, sharing too much information on social media, connecting to unsecured public networks, and clicking suspicious links.
• Burge advises individuals to keep their software up-to-date, avoid reusing passwords, be cautious of what they share online, use a VPN on public networks, and avoid following suspicious links or downloading dubious files.
• According to the Australian Competition and Consumer Commission (ACCC), tens of millions of dollars are lost to phishing scams each year in Australia alone—and the figure is still on the rise.

What are your thoughts on these tips, members? Have you or anyone you know ever experienced a security breach on your devices? Share your experiences and tips in the comments below.

BASIC INFO - USEFUL FOR ANY DEVICE NOT JUST A MOBILE PHONE.