mobilesecurity.com [London, UK] A friend of mine recently shared an interesting story with me which provides a lesson for us all on mobilesecurity.com. She unfortunately dropped and broke her smartphone a week ago, but fortunately had insurance. A quick visit to the original supplier resulted in a replacement phone within a couple of days.

Before collecting her replacement phone she diligently backed up almost all of her data, with the exception of her photos. The store assistant explained that this wouldn’t be a problem, as he could download the photos from her damaged smartphone onto a flash drive. She would then be able to upload the images to her PC when she returned home.

She left her smartphone in the capable hands of the store assistant and ran a few errands while the new handset was prepared. When she returned to retrieve her new smartphone, as promised, the store assistant provided her with a flash drive containing her photos. She copied these across to her PC when she arrived home. No drama, right?

Yes, actually. I have a few concerns regarding the tale my friend regaled me with, not least of which is that she left her unlocked smartphone with a store assistant she didn’t know. She had no issue with her personal photos being copied to a flash drive. She could easily have either asked the store assistant to show her how to do this, or stood there while photos were downloaded.

How could she be certain only her photos were being downloaded – the store assistant could have copied contacts, phone numbers, videos, browser history and various other data with my friend completely oblivious to any deception.  It might sound unlikely, but how could she be sure her phone wasn’t being infected with malware or even being cloned?

Perhaps my day-job has turned me into a cynic, but it’s clear that smartphones contain a vast amount of personal data. I can’t foresee any reasonable situation when I might leave it unattended, even for a minute – and I strongly encourage you to be equally vigilant.

As mentioned elsewhere on mobilesecurity.com, the recent increase in mobile vulnerabilities makes it more important than ever to make sure we look after our smartphones and other mobile devices. The first step is to use the free key-locks that come with all phones and tablets, take a look at this video of Mike Romo explaining how to set a more secure password on your mobile device.

You can read more of my thoughts on the It’s Not a Con blog, and I look forward to contributing to more articles on mobilesecurity.com as the site grows.