Securing smartphone users from ‘hackers’ attacks                                         

In this digital age, almost every adult has a smartphone. Smartphones have become essential in our daily lives due to their versatility and wide range of functionalities. Smartphones are used as comprehensive devices for communication, entertainment, work, and personal management making them integral to modern life.

As of early 2024, there are approximately 205 million smartphone connections in Nigeria as per the Data from GSMA Intelligence. This wide adoption and a significant rise in smartphone usage have attracted cyber criminals to target smartphone users.

These threats highlight the importance of cybersecurity awareness among the users.

According to the 2022 African Cyber threat Assessment Report by INTERPOL, Nigeria is one of the top countries in Africa targeted by cybercriminals, with a significant portion of these attacks focusing on mobile devices

In today’s digital age, nearly every adult owns a smartphone. Because smart devices are functional and multifunctional, they have become a crucial part of our daily routine. Smartphones are a single device for communication, entertainment, work, and personal organisation—effectively joining these integral items with modern life.

According to data from GSMA Intelligence, as reported in early 2024, there are about 205 million smartphone connections in Nigeria. Growing smartphone connections and increasing mobile phone usage have pulled cybercriminals to mostly target smartphone users.

These threats highlight the need for the public which uses smartphones to be conscious of cybersecurity issues.

The 2022 African Cyberthreat Assessment Report by INTERPOL reported Nigeria is one of the countries in Africa primarily targeted by cybercriminals, accounting for the country’s cybercrime attacks targeting mobile devices.

Top Ways Hackers Are Breaking Into your Smartphone in Nigeria
Phishing attacks: Hackers send deceiving emails, text messages, or social media messages (WhatsApp, Facebook, Instagram, etc.,) that appear legitimate. These messages often contain malicious links or attachments when clicked they install malware on your device.

For example, a message claiming to be from your bank asking you to verify your account details by clicking a link or from your or message claiming from your postal provider holding your package and asking you to click the link to claim it.

Malware and spyware: Malicious software can be installed on your phone through infected apps, downloads, or links. Once installed the malware can steal data and track your activities or give the hacker control over your device.    For example, downloading an app from an unofficial app store that contains hidden malware instead of Apple Store or Google Play Store.

Public Wi-Fi attacks: Hackers set up rogue Wi-Fi networks or even can compromise legitimate ones in public places. When you connect to these networks they can intercept and monitor your data including sensitive information like passwords.

For example, connecting to a free Wi-Fi network at a coffee shop, bus stand, or train station that has been compromised by a hacker.

SIM swapping
In a SIM swap attack, hackers contact your mobile carrier and convince them to transfer your phone number to a SIM card they control. Once successful, they can intercept calls and messages, including two-factor authentication (2FA) codes.

For rxample, A hacker posing as you convince your carrier to transfer your number to their SIM card.

Bluetooth hacking 
Hackers exploit vulnerabilities in Bluetooth to access your phone remotely, often without your knowledge. They can steal data, send malicious messages, or gain control over your device.
For example, a hacker within Bluetooth range sends unsolicited messages or accesses data on your phone without pairing.

Malicious apps
Some apps, especially from unofficial or third-party app stores, can contain malware or hidden backdoors. These apps can request excessive permissions that allow hackers to access your data. For example, a seemingly harmless game app requesting access to your contacts, messages, and microphone.

Social engineering: Hackers manipulate you into revealing sensitive information or taking actions that compromise your security. This can be done through phone calls, messages, or even in person. For Example, A scammer posing as tech support tricks you into installing a remote access tool on your phone. Or can identify themselves with a fake profile of a bank institution

Exploiting operating system vulnerabilities
Hackers exploit known vulnerabilities in your phone’s operating system to gain unauthorised access. This is especially a risk if your phone’s OS or apps are not updated.

For example, using an unpatched vulnerability in an outdated version of Android or iOS to take control of your phone.

Physical access: If a hacker gains physical access to your phone, they can install malware, change settings, or steal data directly. A hacker briefly takes your phone and installs a spy app while you’re not looking.

QR code scanning: Hackers create malicious QR codes that, when scanned, lead to harmful websites or automatically download malware onto your phone.

For example: Scanning a QR code at a public event that redirects you to a phishing site.

Malicious USB charging cables: Hackers can compromise public USB charging ports, allowing them to install malware or steal data when you charge your phone. These USB cables exactly look like normal ones and there is no way to identify the difference.

What are the signs when your phone is hacked?
Do you have any Unknown apps that aren’t installed by you?
Is your phone performance slowdown for no reason?
Battery drain even while not using the Phone.
Do you have an increased Wi-Fi/cellular data consumption even in case of no use?
Do you feel the heat of your phone even when it is turned off?
Any unusual texts that are sent from your device that you haven’t sent.
The phone may slow down or be unresponsive due to malicious processes running in the background.
Strange pop-ups or adds to your phone.

How do you protect yourself from being Hacked?

Don’t open links from unknown messages and emails via WhatsApp, Facebook, or Instagram. Any other channel

Change your account passwords and PINs regularly (at least every six months)

Keep the passwords strong and don’t use simple sequential numbers or birthdays or names of your family that could be easily detected.
Make sure your phone has a lock screen protected with a password.
Cover your hand on top of the screen while entering any credentials such as financial passwords or pins in public, try using Biometric if your phone supports it.
Never share OTP or private information with anyone.
Do not login to banking or other apps when connected to the public wifi networks.
Don’t accept any unrecognised pairing requests to your phone.
Don’t give the phone to the unknown people.
Be careful while scanning QR codes at shops while making payments and don’t click any URLs that you don’t recognise after scanning QR code.
Try to avoid using public charging cables and rather carry your cable and adapter when traveling.
Keep your phone software up to date. You can check this by going to your phone settings -Software update.
Be cautious with spamming calls and try not to get tricked.
Example, for someone who claims they are a bank employee asking for OTP, you have won a lottery or prize and asking you to fill in the details.
Fake loan offers, investment opportunities, or impersonation of officials and loved ones using advanced technologies like deepfakes.

Aggressive telemarketing practices
Download the apps from legitimate app stores such as Apple Store and Google Play Store and avoid downloading from other sources.
Boyapati is a Director at Samsung Research America. He can be reached via: [email protected]