Is it smart to use your phone for banking?

Americans bank, shop and send private information from their smartphones every day with a false sense of security as the new technology is easy prey for cyber-criminals who want to steal their information.

It’s no secret that our lives are largely lived online: We shop, go to the bank and can now even go to the doctor online.

What you might not have noticed is how we go online has changed. What we used to do on a personal computer we now do on our smart-phones.

“As they become more sophisticated, obviously this is now the new target that attackers go after,” said David Lee, senior manager, mobile product management at Symantec, maker of Norton Mobile Security. “So malware writers, we know, back in the day, everyone was on a PC, that’s what their target was. We’re seeing now the

shift move towards mobile devices.”

A study performed by Intel four years ago found that 50 percent of people do not even use a password-enabled screen lock on their smart-phones, said Lianne Caetano, senior director of global consumer product marketing at Intel Security, maker of McAfee Mobile Security

“There is this false sense of security that people still think of their smartphone as just their phone,” Caetano said. “When you had your landline, you really didn’t need a lot of protection for your phone, but.. .you really can do so much more with your phone than just a phone call.”

People can take steps to surf safely from their mobile devices by taking a few steps and following a few guidelines.

Anyone who wants to protect his or her sensitive information from cyber-criminals must first know what the threat actually is.

The single greatest threat to mobile security are apps that are commonly available to download in the iTunes and Google play stores that ask permission to use your contacts, location, photos and other personal information.

“Apps are the No. 1 threat vector because people download apps and they use them and they may not necessarily be fully apprised of all the information that app may be taking,” Caetano said.

Symantec classifies apps that gratuitously gather personal information as “grayware,” software that may not be malicious, but is either annoying or a security threat.

“Based on our analysis, we think almost 75 percent of all mobile apps we would actually classify as grayware,” Lee said.

Caetano suggested that users only download apps from trusted marketplaces like the Apple iTunes App and Google Play stores. When installing those apps, review the permissions. If the free chess game, for example, is asking for permission to access location information, then deny the permission or find another free chess game that doesn’t ask for that permission.

Downloading apps from third-party marketplaces poses a huge threat to smartphone users. Lee used the popular Android app BatteryBot as an example. Fake versions of the app have been pulled from the Google Play store within the last two weeks that display ads and make premium texts that cost victims money.

Even scarier, Lee said, is the rise in crypto-ransom-ware lurking in free apps. These malicious programs will encrypt and lock the user’s phone until they pay $2 or $3.

“It actually grew about 113 percent in 2014,” Lee said.

Many smartphone users have restrictive data plans and might be enticed by free Wi-Fi offered at many public establishments, but they should be wary of banking or shopping while connected to these networks. Savvy criminals can hack into phones through the Wi-Fi connection and snatch information like your name and debit card number in the process.

“When you’re on a public hotspot everything you’re transmitting is in clear text, so that means anyone on that network, if they have the right app, they can see what you’re transmitting,” Lee said.

If you’re prone to cruising Amazon at the coffee shop, Lee suggests using one of the freely available Wi-Fi security apps on the official app stores.

Bluetooth is another method cybercriminals may use to easily steal your information in public. Caetano suggests using only password protected Wi-Fi networks, and turning off Wi-Fi and Bluetooth when not in use.

Other methods cybercriminals use to infect users’ smartphones are through spam messages and links. Open a text message, email or click a link in the message and malware gets downloaded onto your device unbeknownst to them.

“You never want to click on those,” Caetano said. Users should use the same logic they would when receiving a strange email.

Caetano said one of the most important things all smartphone users can do is to update their phones as soon as operating system updates are released because they are packed with patches to remove vulnerabilities.

“You as the user have to be vigilant in making sure you protect your personal data, protect your privacy and take action just like you would to protect your home. You have locks on your doors and [smartphones are] kind of the same thing.”

Lastly, there are mobile security apps available from many respected companies on the official app stores that can increase users’ level of protection. Many of them are free.

For more information, visit www.fcc.gov/smart-phone-security.

Is it smart to use your phone for banking?