Spy chief says get a new clean phone – Craptus and Mediscare
One of Australia’s top spy chiefs, Rachel Noble, has said she has a new clean phone free of social media [and Apps] is the only way to have absolute security for privacy.
She’s not sensational at all – she’s right, and let me explain why.
Why cybercriminals need your personal data.
A little data helps scams use what they know to lure you in with carefully socially engineered emails that you open and click on a poisoned web link. For example, scammers see that I get a lot of packages and consequently I get a lot of Australia Post, DHL and other courier email scams.
More data can help with account takeover – bank, phone, credit card and financial accounts. My aunt had her Telstra landline account taken over and then used by scammers to take over other accounts. It’s about the 100 points of identity – driver’s license, passport, Medicare and utility bills that show your name and address. It was a real slog to get control back, not helped by Telstra’s resistance to help at the time.
Lots of data like the Optus and Medicare debacle leads to all of the above, plus huge potential for ID theft to wreak havoc on you, steal your savings and leave you with debt you’re responsible for. A wealthy executive friend suffered ID theft and estimates it has taken over 600 hours of frustration and potential losses of nearly $500,000 to recover it.
You can read more about ID theft issues at OPTUS Hack – an update
What can you do to minimize data loss?
Our first and absolutely firm recommendation is to delete Facebook, TikTok, messenger and any social media accounts so that you stop sharing gold nuggets (data) with hackers. Post a photo of yourself celebrating a birthday with friends, and cybercriminals can deduce your birthday (as well as your gender and get Face ID) and your friends’ names.
Second, you have to invent a new you. New driver’s license, credit card (numbers), passport (numbers), email address and telephone number. Getting a new home address isn’t practical, but if you get sensitive mail, consider a PO box or at least a lock on the mailbox.
Another strong recommendation is to set up a new clean email account and link it to all your online accounts. The new email name means that only “real” information will reach you on that account. That old email (that you’ve had for years) becomes unreliable – you need to be extra careful about the veracity of that content.
That’s where Rachael Noble’s other clean phone comes in. Why? Because you can’t access your bank account, etc., without entering a two-factor verification code sent to your phone. If cybercriminals have that number, they can spoof and intercept such codes. If you associate a new number with your accounts, there is no spoofing. We recommended buying a $10 a month SIM card (unlimited calls and texts) and putting it in the second sim slot, but if you don’t have a spare slot, buy a cheap phone (starting at $100) to enable this.
Apps are data harvesters
Noble’s advice (and she should know) is that your new phone number must be on a phone free of spyware and malware. In short, that means no social media apps or anything other than essential Google apps, and even these must be locked to stop data exfiltration. In fact, we recommend a dumb phone (non-Android – remember the good old Nokia days) that can’t catch viruses. Android 12 and 13 users can create different profiles that essentially set up two different phones – one with social media and one without.
Why? Every app is a data harvester. Whether it’s location (if only to provide local recommendations) to full-fledged contacts, calendar, call logs and camera/microphone. You have to ask why, for example, do you need a free flashlight app to access everything? Answer: Because it sells your data.
So if you’re a risk – and you probably will be – there’s no time like the present to reinvent a new, private you, and that starts with a new, clean phone.
Manage all these new IDs and numbers
A friend had his computer hacked and his bank account emptied. Why? He had all his passwords in electronic notes on his PC.
We recommend the free LastPass password manager, which provides
- Unlimited passwords
- Access on one device type – computer or mobile
- 30-day Premium trial
- Save and autofill passwords
- One-to-one sharing
- Login without a password
- Password generator
- Private vault for personal data such as bank account numbers, Medicare etc
Personal is limited to one device – PC or mobile, but the paid Families version gives you six family members, access on all supported devices and Dark Web monitoring of your email/password.
CyberShack’s take – getting a new clean phone is good advice
Although it may sound extreme, it is the same principle as getting new numbers for all important forms of ID,
The real problem is that your smartphone is the window to your life. Read Staying Safer Online – Simple Steps for Home or Mobile Security (Consumer Advice)