If your smartphone gets stolen, the damage may extend further than the loss of the device itself; a thief can cause much more harm with your banking apps, important documents, and personal photos and videos. If you shore up your defenses beforehand, thieves will end up with a useless “brick” and no way to extract your personal information from it. Let’s get started.
- What a thief can do with a phone?
- Be prepared: How to make thieves’ lives harder
What a thief can do with a phone?
First, let’s consider what can actually happen to a stolen phone and why you should even bother protecting it.
Sell it for parts
In the most common scenario, the smartphone is simply sold for parts, especially if the thief found it locked. If the purpose was just to steal a phone, not to hurt you specifically, chances are the thief will not purposefully try to hack it. Manipulating a device that is powered-on and connected to the Internet in any way increases the risk of getting caught.
Withdraw money from a bank
In some situations, the temptation to make more money can outweigh caution. This scenario primarily concerns unlocked phones — for example that a thief snatched from the owner’s hands or found unattended. If a bank app was open, the thief can withdraw money within moments or even take out a loan.
Some banks allow users to transfer money by sending text messages to certain phone numbers. That makes stealing money even easier; any verification codes will be sent to the stolen phone.
Factory-reset and sell
If a thief manages — typically, with the help of social engineering — to log in to your Google or Apple ID account and change your password, you will lose the ability to lock the device remotely, and the thief will be able to reset it to get a working smartphone, which they can then sell much more lucratively than they could for parts.
Use personal information for blackmail and extortion, or simply leak it online
Thieves may demand ransom if they find important documents on your smartphone, threatening to delete or send them to your contacts. The same goes for personal files that could compromise you or someone else. A thief can copy and analyze information from the Files app on an iPhone (primarily all iCloud content), the entire smartphone memory on Android, and cloud drives to which your phone has access.
In addition to that, a thief can scan conversations, starting with instant messages, for material of interest or try to hack your Facebook or Instagram accounts and start asking your friends and acquaintances for money. Also in theory, the thief may try to link your bank account to another device, but that is an unlikely scenario. The thief would have to keep the phone turned on, thus increasing the risk of getting caught.
Our tips will help limit a thief’s options to selling your phone for parts by frustrating any other plans they might have.
How to securely lock your smartphone in case of theft
Here’s how to secure your information and also ensure your ability to restore it on a new device if necessary.
Set screen lock
First, make sure your phone automatically locks the screen. Android users can find that option under Settings, in the Security section. Keep in mind that most manufacturers of Android devices customize their interfaces, so settings may vary slightly from phone to phone. For this post, we used Android 11 on a Google Pixel because it has a very typical implementation. On iPhones, the option is in the Face ID & Passcode section (or Touch ID & Passcode for iPhone 8 and older versions).
Not every way to lock a phone’s screen is equally reliable. For example, in the case of Android, you should not rely too heavily on facial recognition; some implementations are relatively easy to trick with a simple photo. The iPhone’s Face ID is far more robust. A graphic key is too easy to spy over your shoulder; besides, people tend to draw predictable patterns. Long passwords and a fingerprint scanner are safest. Although it is possible to fake a fingerprint, common pickpockets do not have access to that kind of technology.
That said, the most important thing is to lock the phone, so use whichever method you prefer.
Set a SIM card PIN
Entering a SIM card PIN every time you restart your device or buy a new one is a bit of a hassle, but it doesn’t happen too often, and the added security is worth the effort. If a SIM isn’t locked with a PIN, a thief can simply insert it into any other phone and make a call to themselves to find out your number — and knowing that, they will be able to log in to certain websites, pass two-factor authentication, and use text messages to transfer money from bank cards. It should go without saying that your SIM PIN must be different from the one you use for unlocking your phone.
How to set a PIN for a SIM card on Android:
- Go to your phone settings and select Security;
- Click SIM card lock and toggle on Lock SIM card;
- Enter a PIN and confirm it.
How to set a PIN for a SIM card on iOS:
- Go to Settings and open Cellular;
- Select SIM PIN and toggle it on;
- Enter a PIN and confirm it.
Full-disk encryption (FDE) is another feature that protects your information. When it’s enabled, all files stored on the smartphone will be encrypted by default and there will be no way to read them without unlocking the smartphone. On iPhones and smartphones running Android 5 and above, data encryption is enabled by default. In earlier versions of Android, it needs to be activated manually.
How to enable full-disk encryption on Android:
- Go to your phone settings and select Security;
- Go to Encryption & credentials and tap Encrypt phone. Follow the instructions.
Password-protect apps and notifications
Set up a separate password, PIN, or graphic key for critical apps. Then turn off notifications for those apps, especially any that pop up on a lock screen. Doing so makes reading alerts and text messages a little less convenient, but it also makes intercepting your one-time authentication codes, or moving your money to another account, almost impossible for outsiders.
Privacy settings may differ across Android smartphone models. You can find instructions specific to your model on the manufacturer’s website, and here’s a general outline:
- Open Settings and go to Security or Privacy;
- Tap App lock;
- Select the apps you want to lock. The device will now ask for the PIN before opening those apps.
Unfortunately, not all manufacturers offer the app lock feature. If you can’t find it in your settings, try checking Google Play for solutions or simply install Kaspersky for Android, which has this feature.
iOS lacks an application lock feature, but you can protect your apps by setting a screen time limit. To do so:
- Open Settings and go to Screen Time;
- Tap Use Screen Time Passcode and set a passcode;
- Go to App Limits and select a desired app category;
- Set a limit by selecting Add Limit;
- Specify a time limit, say, 2 minutes;
- Confirm your choice by tapping Add.
When the time is up, the app will be locked, and the person using the phone will not be able to continue unless they know the passcode.
Set up data backup
If you back up your data regularly, then even if you lose your phone for good, you will not lose your contacts and other information. You’ll simply download a backup copy of the data onto your new device.
How to set up backup on Android:
- Locate the System section in the settings;
- Select Backup;
- Turn on Google Drive backup or select a computer or other external media as a target, if your device offers that option.
With an iPhone, you have two backup options. The easier route is to use automatic iCloud backup:
- Turn on iCloud Backup:
- Open Settings —> [account name] —> iCloud;
- Select Backup.
- Plug in your phone and connect it to Wi-Fi with an unlimited plan (the initial upload uses a lot of power and data);
- Check how much storage space you have left. All iCloud users get 5GB of free storage space, but if you need more, you can purchase a subscription from Apple or use a free alternative;
- Lock the screen so you do not disrupt the process with a random tap.
If you prefer not to use the cloud, try computer backup — Apple offers a detailed guide on its website.
Turn on Find My Device
Find My Device (Android) and Find My iPhone (iOS) can track the location of a lost or stolen smartphone through a Google or Apple ID account. You can use these features to remotely lock the device or even completely erase all data on it. However, the feature must be active at the time the device is stolen or lost — you need to enable it now.
How to turn on Find My Device on Android:
- Open Settings and go to Security;
- Turn on the Find My Device switch.
How to turn on Find My iPhone:
- Open Settings and tap your name;
- Select Find My and toggle on Find My iPhone;
Then go to the Security section in your Google account or the Find My app on your iPhone or iPad, and find your device on the list. You will see options to lock and erase the device. They will come in handy if the phone is stolen in an unlocked state and it has confidential information on it.
You can set a message and backup contact number to be displayed on the screen when you lock the phone remotely. That gives anyone who ends up with your phone the option to find you and return it. You will, however, need to be more vigilant than usual; thieves can use your backup contact number for phishing — for example, to send fake support notifications trying to get your Google or Apple ID account password so they can unlink your device. In that case, keep a clear head and refrain from following suspicious links, let alone entering any confidential data on those websites.
Losing or having one’s smartphone stolen stinks; there’s just no way around that. But taking precautions to secure your data and back it up in case of theft can turn that disaster into straightforward inconvenience. We certainly hope that never comes to pass, but we strongly recommend spending a few minutes to prepare.