JACKSONVILLE, Fla. – Your cellphone is likely your primary phone if not your only one -- as many of you have given up your landlines. But if you're using your cell number when you sign up for online accounts, you may be giving hackers a direct line to your personal information.
Pam Dixon with the World Privacy Forum says she is on a mission to tell people that cellphones are easy prey, and that tying them to everything from banking to shopping to social media accounts just provides the wrong people with more ammunition.
“If I had like a billion dollars I would take out loads of TV ads about this and put up like a public service announcement page just to help people with this. It's that serious,“ Dixon warned.
Cybersecurity giant McAfee reports it currently has more than 26 million mobile malware samples. It's malware that hackers use to get you to click on a bogus ad, text or download a tainted app. They then secretly infect your cellphone with a virus so they can access data -- including your login information.
While blogger Amiyrah Martin doesn't know for sure, it may be how hackers took over her Twitter account. Her cellphone number was tied to that account, which is also her source of income.
“I knew that any updates that were happening weren't from me, and I didn't really know what my next steps should be,” Martin said.
“I had my cellphone number connected to quite a few things, but I had no clue that, that was something so simple could be connected to someone being able to just hack,” Martin added.
So if it's too risky to use your cellphone number as your primary number online, and you don't have a landline, what should you do? Dixon says there's an easy solution that already exists.
"Use a VoIP number,” she said.
A VoIP number, or Voice over Internet Protocol number, is an internet phone number. There are dozens to choose from and some offer encryption. While there are free options, others charge a one-time set-up fee, and some charge a monthly rate.
Examples for VoIP include:
Another way hackers can get into your phone is through something called social engineering. They gather basic information about you, like your name, email address, last four digits of your Social Security Number (maybe through a fake email scam) and then call the cellphone company posing as you to take over your phone.
They can also hijack your sim card. You'd know quickly because you'd be locked out of your phone. Twitter and other social media accounts provide security suggestions, so it's best to check them out immediately -- before you get hacked.
Martin says Twitter sent her security tips after she got hacked. Customer support suggested she change the email and password associated with the account, and they suggested she use a VoIP number as well.
Now that Martin's account is back up and running smoothly, she says she has learned a lot about protecting herself.
“It's made me be a little bit more diligent about the information that I'm putting out there,” she said.
Dixon also suggests only giving your personal cellphone number to family and close friends. Below are some security steps you can take to protect yourself:
- Use two factor authentication, meaning two ways to confirm it’s you when using an account -- such as a password plus something like biometrics (a fingerprint or facial recognition) or a special code only you’d have access to.
- Keep malware protection up-to-date.
- Some cellphone providers now offer extra security steps like AT&T, Sprint, T-Mobile and Verizon. Check your carrier for details.