Securing your digital life, part three: How smartphones make us vulnerable – Ars Technica

Enlarge / In this story, we’re going to learn about “pig butchering.”

Aurich Lawson / Getty Images

Securing your digital life

View more stories

There are, by some estimates, more smart phones on this planet than human beings to use them. People who have never used a desktop computer use smart phones and other mobile devices every day and have much of their lives tethered to them—maybe more than they should.

As a result, cyber-grifters have shifted their focus from sending emails to gullible personal computer users (pretending to be Nigerian princes in need of banking assistance) and have instead set their sights on the easier target of cell phone users. Criminals are using smartphone apps and text messages to lure vulnerable people into traps—some with purely financial consequences, and some that put the victims in actual physical jeopardy.

I recently outlined some ways to apply a bit of armor to our digital lives, but recent trends in online scams have underscored just how easily smartphones and their apps can be turned against their users. It’s worth reviewing these worst-case scenarios to help others spot and avoid them—and we aren’t just talking about helping older users with this. This stuff affects everyone.

Enlarge / Uh oh, Hoodie McHackerman is back, and now he’s after your phones.

PeopleImages / Getty Images

I’ve personally been contacted by a variety of people who’ve been victims of mobile-focused scams and by people who’ve found themselves exposed and targeted via unexpected vulnerabilities created by interactions with mobile apps. For some, these experiences have shattered their sense of privacy and security, and for others, these scams have cost them thousands (or tens of thousands) of dollars. In light of this, it’s worth arming yourself and your family with information and a whole lot of skepticism.

Targeted SMS phishing

The last two years have seen a tremendous uptick in text message phishing scams that target personal data—especially website credentials and credit card data. Sometimes called “smishing,” SMS phishing messages usually carry some call to action that motivates the recipient to click on a link—a link that often leads to a web page that is intended to steal usernames and passwords (or do something worse). These spam text messages are nothing new, but they are becoming increasingly more targeted.

In 2020, the FTC reported that US consumers lost $86 million as a result of scam texts, and the FCC went as far as to issue a warning about COVID-19 text scams. Sure, sure, you’re smart and you would never give up your personal data to a sketchy text message. But what if the text mentioned your name, along with enough correct information to make you just the slightest bit concerned? Like a text message purportedly from your bank, giving your name, asking you to log in to confirm or contest a $500 charge on your credit card at Walmart?


Enlarge / Mobile scams are everywhere, but they usually aren’t being perpetrated by scary dudes in hoodies, stock art notwithstanding.

BrianAJackson / Getty Images

That’s the kind of message I recently received. If I had not read the message carefully or noticed that it had come from a spoofed phone number that was not connected …….


Posted on

Leave a Reply

Your email address will not be published. Required fields are marked *