Smartphone insecurity

The other day, I had an epiphany at the gym. It was around 10:36 p.m. and all the teenagers had gone home. They usually hang around in noisy groups, taking groaning, red-faced turns at the weights as their pasty friends cheer them on. It's entertaining to watch when you’re slogging away on a treadmill and desperate for some kind of distraction.

But that night I was left trying to ignore a batch of hulky muscular men, who were ominously silent but for their heavy breathing.

Banking on the go

The situation made my strangely hungry. And I started to wonder whether I would make it to the supermarket on time.

But even if I could make it before closing time, I wasn't entirely sure I had enough money in my account for half a pint of milk.

Better check, I thought, and was trying to remember the log-in details for my mobile banking app when I had the aforementioned epiphany. I couldn't help wonder whether checking my bank account in public was a stupid thing to do.

One of the muscular men was taking a break from his 100 kilo weights and was engrossed in a smartphone.

Perhaps he was reading up on protein shakes - but perhaps he wasn't. Perhaps he was in the process of hacking into my smartphone and was poised to empty my bank account should I be reckless enough to provide him with my log-in details over the gym WiFi!

Every second, 14 acts of cyber crime

I had just read Norton's Cybercrime Report 2012. It suggests that 14 people experience cyber crime every second - and that, overall, at least 10 percent of adults have experienced a cyber attack on a smartphone. I felt I was about to become a victim.

I scurried home, clutching my phone.

The next day my late night gym experience seemed somewhat paranoid.

That is, until I had lunch with a couple of friends and, as I casually mentioned cybercrime and smartphones, one of them looked up from her blackberry.

Bluetooth loophole

My friend said she used to activate the Bluetooth function on her phone almost all the time. But not so long ago, she checked her phone bill and realized that someone had made at least 20 calls abroad and sent some 200 messages to the first number on her contact list.

"I was really shocked," she told me, "I had had no idea that it was so easy to hack into someone's phone!"

She was lucky. Her phone operator reimbursed her. She is a lot more careful now - she updates her antivirus software regularly and hardly ever connects via WiFi or Bluetooth. And she does all her online banking at home, never on her phone.

"But I'm still always scared something will happen and delete all the cookies," she told me.

I turned off my WiFi, when no one was looking, and made a mental note to delete my cookies.

But even cyber security experts like Deutsche Telekom's Thomas Tschersich uses mobile banking, so it can't all be bad.

Tschersich says the risk of cyber attacks on German mobile networks is lower than on public WIFI networks. German mobile networks, says Tschersich, have inbuilt technologies to protect users.

Encrypt your wifi

Kerstin Altendorf of the German banking federation also strongly advises against using public WIFI, including networks in internet cafes.

"You never know how safe the connection is! Of course, you should also encrypt your private WIFI," says Altendorf, "because if you don't, you’re just inviting people in!”

I make another mental note to encrypt my WiFi at home.

Then, Altendorf reminds me that smartphones are just like small computers - they need to be protected with antivirus software, encrypted WiFi and firewalls.

Many banks operate with TANs, or transaction authentication numbers. TANs are numeric passwords generated for each individual transaction - either by a card reader or sent to a mobile phone, and some old fashioned banks, like Deutsche Bank, will even send you a whole batch printed out on paper.

But TANs have their own vulnerabilities.

"It's really important that your TAN isn't sent to the device you're using for mobile banking. Use a normal mobile for your TANs, one that's not connected to the internet," Altendorf says.

Up-to-date antivirus

As Altendorf points out, banks will only reimburse you after a hack if you are running up-to-date antivirus software on your smartphone. Many of us don't. According to the Norton cybercrime report, more than 40 percent of those they surveyed lack adequate online protection.

When I got home that evening, I decided it was time to download some antivirus software of my own. I started a random "antivirus app smartphone" search and got a string of results - none of which seemed particularly reassuring.

I couldn't decide which one to get - the app that looked like a green mutated cancer cell or the "Antivirus Detective" with the silhouette of a man in a black trench coat, torch in hand, ready to zap evil viruses.

To be safe, I downloaded three apps. I reasoned that the smartphone hackers are out there and that they are smart enough to think up ever more devious ways to get at my data.

Who knows, perhaps there's some malware already hidden away on my phone, perhaps it was even installed in the factory and is now tracking my every mobile move. I only hope the hackers take pity on me when they see the paltry sum of money in my bank account.