Lesson 9

Your Phone Knows Everything

Mobile Device Security

What's On Your Phone?

Think about everything on your phone right now:

Communication

Emails, texts, call history, voicemails, chat apps

Location

GPS history, check-ins, photos with location data

Financial

Banking apps, payment methods, purchase history

Identity

2FA apps, password managers, digital IDs

Work

Company email, Slack, documents, VPN access

Personal

Photos, health data, contacts, calendar

Now imagine someone else having full access to all of that.

How Phones Get Compromised

Malicious Apps

Apps that request excessive permissions, or clones of popular apps with hidden malware

Phishing Links

SMS messages with links to fake login pages or malware downloads

Public Charging

"Juice jacking" - malicious charging stations that steal data or install malware

Outdated Software

Unpatched vulnerabilities that attackers can exploit

The Permission Problem

A flashlight app asking for access to:

  • Camera
  • Microphone
  • Location
  • Contacts
  • Storage

Why would a flashlight need any of these? It wouldn't. This is malware in disguise.

Mobile Security Best Practices

1
Use a Strong PIN/Biometric Lock

6+ digits minimum. Enable automatic wipe after failed attempts

2
Only Install Apps from Official Stores

And still review permissions before installing

3
Keep Your Phone Updated

Security patches fix vulnerabilities attackers actively exploit

4
Use Your Own Charging Cable

Avoid public USB charging ports - use a wall outlet or your own battery pack

Test Your Knowledge

Answer these questions to complete the lesson.

1. A simple calculator app asks for permission to access your contacts and microphone. What should you do?

2. What is 'juice jacking'?

3. Why is keeping your phone's operating system updated important for security?

4. Your phone is lost or stolen. What's the MOST important first step?

All Lessons