Many of us have been living under the mistaken belief that just because Apple iPhones are almost virus-proof, we can be totally relaxed about security, too.
And it’s just that kind of attitude that gets your phone hacked and your data stolen, according to notorious former hacker Hector Monsegur.
Listen: The trouble with teens and their phones. (Post continues after audio.)
After Monsegur was arrested for cyber attacks on companies such as PayPal, he started working for the FBI to prevent future attacks.
Recently, he shared his top tips for ensuring your iPhone is as safe as it can be from hackers with Refinery29’s Madeline Buxton. These are the five settings you need to change on your phone ASAP.
1. Download the most recent software update – now.
You know that frankly, bloody annoying, software update? They push you to download and install it for a reason. And Monsegur explains that reason isn’t to annoy you, but to protect you.
He said that when Apple finds out someone has found a way to “jailbreak” a phone – strip your security – Apple will release an update to patch-up these vulnerabilities.
“If someone was trying to get information from you, or they wanted to infect your phone so they could steal information, intercept your phone calls, check your emails — stuff like that, then the fact that there’s a jailbreak available for it, means that there’s an exploit,” he told Refinery29.
So next time the request to update to the latest iOS pops up, stop scrolling and just do it.
2. Make sure you have two-factor authentication.
You may have seen apps like Gmail or Facebook ask you for a phone number so they can help you verify your account in the future. Monsegur says this is another one-minute task worth doing.
This is called two-factor authentication and if you look in settings of most apps you should be able to see this and tick 'enable'.
This way if someone is trying to remotely reset your password, you'll receive a text asking you if this was your doing. And if it isn't, the hacker will be stopped right away.
BONUS TIP: The video at the top of our post shows why you need to turn off "Frequent Locations" in your Location Settings.
3. Disable lock screen notifications.
If you're anything like us, you probably haven't considered this before, but your four-digit passcode isn't super useful if a thief can see texts coming through without needing to unlock it.
"That's a major security problem," Monsegur said.
"I always advise people to disable [lock screen notifications]. You don't need text messages to pop up. It just takes a second to look at the message."
To turn them off, go to Settings > Notifications. It may take a little while to disable the notifications app by app, but it's worth it.
4. When sending anything sensitive, use Signal.
Monsegur doesn't like to send texts or emails at all because they're not encrypted. That's not going to stop most of us, but the former hacker does suggest using a special app if your texting something like your bank details or Facebook password.
Signal is a free messaging app with encryption and using this means that a hacker could never see the contents of your text.
The person your texting does need to have the app too, so push on and ask them to download it.
5. Never, ever "allow" authorisation through an email.
This one isn't a phone setting to change, as much as a tip to live by to avoid scams.
If you receive an email from a company you use, like Google, asking you to authorise access, don't, Monsegur says. A recent scam like this meant anyone who pressed "allow" let a worm send the email to everyone in their address book.
To be safe, you should only grant access to things like photos or contacts when you've opened the app up yourself.
What cyber safety tips do you swear by?