Search Microsoft Security
Search Microsoft.com

Get smart about mobile phone safety

Get smart about mobile phone safety

Whether your mobile phone is a feature phone or a smartphone, staying in touch with family and friends, keeping up with the news and weather, or playing the latest games has never been so effortless.

But there are risks. A stolen phone can result in the theft or loss of sensitive data—even your identity. It can compromise your bank or other online accounts, including apps that let you pay for items in physical stores with your phone (mobile wallets). Downloading a malicious app can do the same—as well as cost you money by setting your phone to automatically dial premium numbers (toll fraud).

Make these six simple practices a habit to help reduce your risk.

  • Lock your device with a PIN or password

    Lock your phone as well as your SIM card and mobile wallet (if you have them).

    • For your PIN, avoid numbers from your birth date, social security or national identification number, phone number, or the like. If you have a password option, use it and make the password strong.

    • Keep your PIN or password private. Period. Don’t send it in email, instant, or text messages (they may not be secure), and don’t store it on your phone.

    • Enable the feature that erases the phone if someone tries to guess the PIN too many times.

  • Use a phone finder

    Turn on the service or download an app that helps you find your phone if it’s lost or stolen. This allows you to ring your phone, locate it on a map, lock it, or erase its data—all remotely from your browser (like Internet Explorer or Firefox). Note that this regularly reports the phone’s location—and yours. Consider how long this history is retained and whether it can be shared or sold.

  • Defend your phone against malware

    Phones are most susceptible to a kind of malicious software (malware) known as a Trojan horse. It hides in a seemingly harmless app like a ringtone or game, but contains hidden code designed to exploit or damage the system; running the app unleashes the malware on your phone.

    Install reputable apps

    Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.

    Keep your phone up to date

    • Just as you do on your computer, accept and install all updates offered for both the phone itself and the apps on it.

    • Uninstall apps that you don’t use.

    Don’t jailbreak your phone

    Most phones will run only software that their operating system trusts. Jailbreaking (or unlocking) a phone enables it to run untrusted software, which is much more likely to carry a harmful virus.

    Accept incoming content cautiously

    • Avoid clicking links in ads and contests that promise free prizes or gifts.

    • Watch out for text messages that look too good to be true.

    • If your phone works with Bluetooth technology or NFC standards (which support, for example, mobile wallets), turn them off if you’re not using them. (Both technologies allow two devices to "talk" to each other wirelessly at close range.) This blocks unwanted downloads and keeps intruders from reading data stored on your phone.

  • Protect your privacy

    • Do not bank, shop, check email, or do other business that exposes your user name or password over "borrowed" or public Wi-Fi (like a hotspot). It’s safer to use the mobile phone’s network, which encrypts data as it is transmitted.

    • Be wary of features that offer to save user names or passwords in your browser and financial service or other apps that store sensitive data.

    • Share your location only with those you trust.

  • Use GPS features wisely

    Many services—weather, movies, and maps, for example—personalize results by using location data from your phone’s Global Positioning System (GPS) or nearby Wi-Fi access points and cell towers.

    Your phone’s camera can use GPS to automatically embed information about the spot where a photo was taken, called geotagging. Facebook and Twitter can also use GPS to geotag status messages and tweets posted from your phone. This can be a risk because you may not be able to control how that data is used and by whom.

    • Think carefully before you turn on geotagging.

    • Limit the apps that you allow to access your location and link to social media with care.

    • Get permission from others before you tag them in photos or check them in.

  • Back up your phone

    Back up your phone to your computer, cloud storage, or both.