If you lose your mobile, or it gets stolen, someone could get hold of your Google or Apple logins.
They could also get easy access to things like:
- your contact details
- your photos
- your social media accounts (when was the last time you logged out of Facebook or X/Twitter on your phone?)
- your banking or financial details
- any apps you use and the data you store in them, like Dropbox, OneDrive, Google docs or iCloud
- your browser history
- any of your other devices.
How to protect yourself
You need put the same effort into protecting your mobile phone as you do your PC or laptop.
Secure your mobile against loss and theft
- Always lock the screen when you’re not using your phone. Set it to lock automatically after a certain amount of time – the shorter the better.
- Put a good, secure password or passphrase on your phone so others can’t access it easily. This is more secure than using a number, pattern or fingerprint or even face ID.
- Use the tracking function (like Apple’s ‘Find my phone’ or Android's 'Find my device' feature) to help you protect your phone if it’s lost or stolen. This will let you:
- track where it is on a map
- play a sound to help you find it if it’s close by
- ring it
- lock it remotely
- put a note on it with your contact details so people know who to return it to
- erase the data on it.
- Set your phone up to wipe the data on it after 10 failed login attempts. Some smartphones have a feature that does this – check your settings or preferences to find it. That way, if someone does manage to get hold of your phone, it’s unlikely that they’ll get their hands on your data.
Back up your mobile data
Backing up the data on your mobile – to iCloud, Google cloud storage or to your own computer or external hard drive – is one of the most important things you can do. If you back up your data you won’t lose access to any of it, even if your phone is lost or stolen. Make sure you back up your mobile regularly – for example, once a week.
Update your phone’s operating system
When you’re alerted to a software update for your mobile phone, install it as soon as possible. Updates aren’t just about adding new features. They’re also about fixing vulnerabilities that attackers could find and use to gain access to your system.
Be smart with your apps
- Only buy or install apps from official app stores. Apps that are available from 3rd party sellers may not be legitimate, and could contain malware (like viruses). Android phones have a setting that prevents 3rd party apps from installing. You can find it in your settings.
- Set your apps to update automatically. This will ensure that you always have the most recent, and safest, version available.
- Check the permissions and settings on all your apps. Make sure that they don’t have access to any other features on your phone that you’re not comfortable with. For example, you might want Facebook to be able to access your photo library, but your weather app probably doesn’t need to.
- Delete any apps you don’t use. For example, if you downloaded an app to help you plan a holiday and you don’t need it any more, get rid of it. That way you don’t need to worry about updating it and it's not taking up space on your phone.
Be careful using hotspots and free WiFi
- Hotspots and free WiFi networks are untrusted, meaning that it's possible that others could see what you're doing when you use them.
- Never do online shopping or internet banking on free WiFi.
If you need to check your email, make sure you have two factor authentication (2FA) set up first.
- Turn off WiFi, bluetooth, near field communication (NFC) and nearby share on your phone while you’re not using them.
Keep an eye out for scams and phishing
Watch out for scams and phishing attempts on your phone, in messages sent by SMS, instant message, email or social media.
It’s sometimes easier to quickly respond to something on your phone than it is on other devices, but if you’re not sure about something, stop and check it first. Be cautious about clicking on links and attachments in SMS messages or in emails. If you’re not sure why a company’s asking you for information, contact them in another way — through their website, for example — to ask before you give out any personal details.
Remember to log out of your accounts
Log out of personal accounts on your phone after paying anything or online shopping. If you stay logged in and someone steals your phone, they could get access to your account details, as well as your credit card information or bank accounts.
If you sell, replace or give away your phone
If you are selling, replacing or giving away your phone, or even sending it in for repairs, it's good to back up any data you want to keep and then do a factory reset to erase and protect your personal data. You may also need to disable Find My, or unregister your device. Check with your phone manufacturer for more details.
You will also want to keep your SIM or replace or suspend your eSIM.
If your phone is lost or stolen,
- lock the device down using Find my phone/Find my device
- if lost, use the location function to help track down your phone
- if stolen, report and provide the location to NZ Police
- consider wiping the phone if you have sensitive data stored on the device.