It’s that time of year when tourists flock into town and everyone starts settling into holiday mode. But that also means plenty of opportunistic crime – especially phones being plucked from pockets and hand-bags.
Here’s what to do if your phone gets swiped – and how to protect your data beforehand.
Track your phone: Log in to Find My iPhone or Find My Device on a computer to ensure the device is not just lying under the bed or in the boot. (See how on next page.)
Change your passwords: Change the passwords of apps on your phone via their websites. Certain apps such as Facebook, Instagram and Google will allow you to log out on all devices – log onto the website and go to the Settings or Security menus. “It’s very important you don’t use the same passwords for all your applications,” warns Charl Ueckermann, CEO of AVeS Cyber Security.
Call your service provider: Have your service provider block your SIM card. This works on pay-as-you-go SIMs too. Be sure to ask for an ITC reference number, which you may need for your insurance claim or police case number. You can also ask to blacklist the device by giving them the phone’s IMEI number (serial number), which you’ll find on the barcode of the packaging it came in.
Call your bank: Call your bank so they can monitor any suspicious online transactions. If they pick up something untoward, consider cancelling your cards.
Go to the police: If your phone is insured, you’ll need a case number to process your claim.
Put the word out: Whether it’s a message blast, email, tweet or Facebook post, let your friends know your phone has been stolen – and not just so they know how to reach you. “The perpetrator could impersonate you and use your in-formation as a phishing attack,” warns Gavin Hetherington, cybersecurity officer at Magix Security. For example, they could send messages to your family and friends, asking for money, or worse, asking them to meet “you” somewhere. “People are desperate,” Hetherington adds. “Bribery and blackmail have become a common occurrence.”
How to protect your phone data
For iPhone: When you first used your phone, you’ll likely have set up your iCloud account and Find My iPhone. If not, go to Settings> [your name at the top] > iCloud. Scroll down to Find My iPhone and slide to turn on. Now you’ll be able to use your Apple ID to track your phone with a computer, by logging in to icloud.com.
If you have two-step verification (or the newer two-factor authentication) enabled, a code will be sent to your “trusted device”, which you’ll need to enter in order to log in – obviously a problem if your phone has been swiped.
The good news is you can add more trusted contacts in the event your own phone isn’t an option (see below for more.)
To track your phone log into icloud.com on a computer and click the Find My iPhone button on the bottom left. Then turn on Lost Mode. This will remotely lock your device and display a message on your lock screen that reads something like “This iPhone has been lost. Please call me”, with a contact number you choose.
Or you can remotely erase all the data on it – a must if you know it’s been stolen. But if you do erase it, you’ll no longer be able to track it.
You’ll be asked to verify your device to proceed (see two-step verification and trusted contacts below). For Android, Android’s Find My Device is usually set up automatically when you first start your phone and sign into your Google account.
To check that it’s on, go to Settings (the gear icon) then Security & Location. If your device doesn’t have this option (the operating system differs on certain devices), go to Settings > Google > Find My
Device, where you may be prompted to download Find My Device from the Google Play store. With the app, you’ll be able to track your phone via android.com/find on a computer browser.
From the Find My Device menu in Settings, make sure Find My Device is switched on. Next, go back to Settings > Security & Location (if you don’t have this option, search Location in Settings) and make sure Location is turned on.
Next, you’ll need to navigate to play.google.com/settings in a browser and make sure the box under Visibility for your device is checked. Test that it’s working by going to android.com/find on a computer.
If your phone is stolen you have two options: secure device, which will lock it and display a message of your choice on the screen in case someone finds it; and erase device, which will wipe all data from it and you won’t be able to track it.
Should I try to get in touch with the thief?
So now you might be able to see where your device is – and in some cases, new pictures might appear in your cloud, showing the face of the person who has your phone, along with their new number.
Should you engage with them?
Not under any circumstances, Hetherington warns. “Nothing good will come from the interaction. Go to the police.”
Do this now!
Set these up right away if you haven’t already.
- Set up Find My iPhone or Find My Device.
- Set up an auto-lock: Make sure your phone has a PIN, password or biometric lock. Six-digit PINs or passcodes are considered the safest choice.
- Set up a trusted contact: Add a loved one’s number as a trusted contact. For iOS, log in to appleid.apple.com > Security > Edit > Add a Trusted Phone Number. For Android, log in to myaccount.google.com > Sign-in & Security > Account Recovery Options > Recovery Phone or Recovery Email.
- Keep a copy of your device’s IMEI number Get your phone’s serial number by dialling *#06#. Keep it somewhere safe.
- Back up your phone: Back up via iCloud or Google Drive regularly so that erasing all data – including files, pictures and contacts – won’t be such a bummer. For Android, go to Settings > Google > Backup and make sure Backup to Google Drive is on. For iOS, go to Settings> [your name] > iCloud > iCloud Backup and turn on. You can also back up many files to Google Drive on your iOS device.
- Two-step verification: This functionality adds an extra layer of protection, usually by sending a sign-in code to your phone when you log in. On Android, secure your device by securing your Google account. Go to myaccount.google.com/security and log in.
Under Password & Sign-in method, select Two-step Verification and slide to On. Now scroll down to Back-Up Codes > Show Codes, write down the 10 eight-digit codes and keep them some-where safe. Whatever you do, don’t save them on your phone.
The next time you sign in, you’ll be sent an SMS with a code to enter before you can unlock your account. If you can’t access your phone, you’ll be able to use one of your Back-Up Codes to get in.
On iOS, check your two-factor authentication settings via Settings > [your name] > Password & Security > Two-Factor Authentication. To make sure you never get locked out, add another device or a loved one’s number as a trusted contact by following the steps above.