Disable camera and microphone
Modern trojans and malware can eavesdrop and record video using cameras and microphones on smartphones. However, to be on the safe side, you don’t have to use the tried-and-tested method of taping the camera.
With the arrival of Android 12, Google added function buttons to the system in the quick access menu that allows you to mute the microphone and camera. So if you need to take a photo quickly, when you open the camera you will be asked to access the modules, as usually when you first open the app. If an app starts capturing a sound or picture in the background, the user will immediately see a request for access to the microphone or camera, which will allow spyware to be detected.
If you do not turn off the camera and microphone, when one or another module is activated, an icon will appear in the status bar of the smartphone informing you of its use – if you see the icon “on”, but not using the device, it is a reason to think about possible surveillance.
It is worth noting that if the user has allowed the application to access the module, the Yandex, VK or Google application keeps the microphone active for instant activation of voice assistants when on certain pages.
Kirill Sitnov, a hardware specialist and lecturer at the MSP School of Programmers, stated in an interview with socialbites.ca that the ability to turn off the camera and microphone has already been implemented by many Android smartphone manufacturers and will soon be ubiquitous.
You can also use a special function in the settings to protect personal data and the device itself from unwanted interference. So iPhone owners can turn on the “USB accessories” mode from the “Face ID and password” menu in the settings. This feature prevents USB accessories from connecting to an iOS device if the device is locked for more than an hour.
In the case of Android smartphones, there is no similar functionality, but according to Sitnov, you should at least limit yourself to protecting yourself from unwanted access to files when connecting a USB cable.
“When the gadget is connected via USB, it is only necessary to set the option in the settings for automatic charging, and for data transfer it was necessary to respond to a request that can only be confirmed when the screen is turned on. unlocked,” says the expert.
Usually, such a function is hidden in the “Settings for developers”, which, depending on the manufacturer, opens after repeatedly clicking on the “Build number” item and others. After activating the section for developers with the keyword “USB”, you can find the necessary item.
Data theft via browser and apps
To protect yourself from “spying” sites, it is recommended to disable browser access to the camera, microphone and files. On iPhone, this can be done in Safari preferences.
On Android, you need to hold down the browser icon, open the “Details” item indicated by the “i” icon and go to the “Permissions” menu. There you have to choose which part of the smartphone the application will be denied access to. It is recommended to use the “Ask every time” setting – so that the user can continue to use all the functions of the program and access will be revoked the first time the application is closed.
Similarly, you can block access to certain data and services on any Android smartphone. On iPhone, many options for app permissions are hidden in the settings in the “Privacy” section.
Mobile Research Group Lead Analyst Eldar Murtazin noted in an interview with socialbites.ca that you cannot be sure of the security of apps even if they are downloaded from Apple or Google stores.
“It is possible and necessary for apps to deny access to photos, SMS, contacts, especially if they are apps that the user is unsure of. For example, if some useful program “runs” and asks to access anything. If an app is on the Play Store or App Store, you don’t need to make sure it’s safe,” said the expert.
Also, Murtazin noted that putting a PIN on a SIM card is an effective way to protect not only data, but also the “wallet” of its owner, which is often neglected by users.
“Users often forget about the protection of the SIM card, and this is a mistake. The reason is simple – if you lose your phone, someone will use it. I have acquaintances, colleagues-journalists in Barcelona, so “hit” for 45 thousand rubles. In one bar, an iPhone was stolen from them, which they could not unlock, but the SIM card was inserted in another device and they called it,” he said.
Moreover, if an attacker can gain access to a SIM card to which banking applications, work accounts and social networks are connected, the user risks losing not only his money, but also his entire “digital life”. Using a SIM card, scammers can steal both intimate photos, which are usually stored in correspondence, and confidential data, which are usually in the cloud or in correspondence with him.
Flash drive protection
Expert Sitnov also noted that for smartphones with a microSD card slot, encryption should be used to read the data on the drive only on this device. If an attacker gains physical access to the gadget, he cannot steal user data from the flash drive.
Due to the lack of expandable memory on the iPhone, this function is not provided. Android users can also find this section in the settings by keywords – the location of this item usually depends on the manufacturer.
Protection from prying eyes
Sitnov believes that the anti-spying glass for a smartphone performs a dual function, protecting the screen from scratches and at the same time protecting users from prying eyes.
“Such a glass allows you to see information on the screen only at right angles to the screen. That is, third-party other passengers on public transport do not spy on you, ”says the expert.
However, it should be borne in mind that such a solution would be inconvenient when sharing a smartphone, for example, watching a video. In addition, such glasses and films poorly transmit light, which significantly reduces the brightness of the smartphone.
there is always risk
There are apps that collect personal user data without their consent and pass it on to attackers. Such software can access correspondence on social networks and instant messengers, capture and analyze keystrokes, take screenshots, record media via a microphone and cell phone camera, and much more.
According to Dmitry Galov, a cybersecurity expert at Kaspersky Lab, two classes of software can be used for various types of espionage: stalker and spyware.
“If surveillance is performed on a partner in a pair using tracking software that requires physical access to the device, you can try to identify it yourself. To do this, you need to check the permissions of applications on Android: usually stalker software uses access to the camera and microphone, geolocation, Accessibility Service and has administrator rights on the device.
At the same time, such surveillance on iOS is not possible without the so-called “jailbreak” or hacking of the operating system. However, if someone still found tracking software on their device, Galov does not recommend deleting it immediately as the attacker will find out quickly.
“A sophisticated targeted attack on a VIP is often implemented using spyware and often with exploits. The infection method may differ depending on the spyware itself. However, it should be understood that the use of such programs is technically complex and is not a mass story,” said Galov.
As most of the experts interviewed by socialbites.ca say, in the modern world it is becoming increasingly difficult to completely protect yourself from espionage. Therefore, Alexander Bulatov, commercial director of NGR Softlab, is confident that the best protection of personal data is a conscious attitude towards the smartphone.
“We have a device that records all movements, conversations and even sees the environment 24/7. These features cannot always be disabled. Bulatov said the best protection is to exclude a smartphone’s physical presence or to insulate it where extra “eyes and ears” are not desired.
The expert warned that programmatic disabling of app accessibility is not 100% guaranteed. It is important to understand that even completely turning off the smartphone or airplane mode cannot guarantee complete passivity of the device, especially if it has a built-in non-removable battery.