How big a phenomenon is phone snatching?
Let’s ask the bad guys...
Here’s an interview with the leader of a gang of four criminals who patrol the streets, looking for opportunities to steal devices. In answer to the question ‘How many sets does a single criminal steal in a day?’ he shoots back, ‘18 to 20’.
The conversation proceeds.
Interviewer: ‘So that’s 80 phones a day?’
Criminal: ‘Yeah.’
Interviewer: ‘How much money, on average, were they able to steal from people’s accounts via the apps?’
Criminal: ‘15, 20 grand.’
Interviewer: ‘Per day?’
Criminal: ‘Yeah, if I’ve got two teams of four.’
Interviewer: ‘What’s the most [money] you’ve ever seen come out of a phone? What’s the most in one go?’
Criminal: ‘£40,000 to £50,000 in a half-hour.’*
Frequently, the criminals’ modus operandi is to ‘shoulder-surf’ smartphone users for their phone lock pin number. Then, they embark on a blink-and-you’ll miss-it phone snatching incident, sometimes along the lines of this motorbike smartphone theft. Or they will steal, says the gang leader:
‘Out of your back pocket in a club or pub. The boys know now what they’ve got to do – they’ve got to look at certain apps and see if they can change the passwords.’
Phone snatching from businesses is on the rise
According to a BBC report, 250 phones per day are stolen in London and 38% of all personal robberies involve phones being stolen. This is a big problem and it isn’t just individuals being targeted. Phone snatching, once seen primarily as a consumer issue, has evolved into a significant threat to businesses. A report by Forrester Research’s 2023 State of Data Security report revealed lost or stolen assets such as smartphones, tablets, laptops, external hard drives, and USB flash drives account for 17% of breaches.
It makes sense. The blurring of workplace and leisure boundaries means we’re carrying sensitive devices to places where criminals lurk – cafes, restaurants, gyms, the street. Opportunities abound.
But what can happen when a phone snatching incident happens to a workplace phone?
Phone snatching: it’s not just about the phone
Of course, the theft of a device matters. No business wants to be unnecessarily shelving out for new tech. But this cost is dwarfed by other ramifications:
- Data breaches: Work phones provide access to client data, financial records and proprietary company information. A data breach could cost large sums in damages and legal fees. For highly regulated industries, the effects will be devastating.
- Reputation damage and loss of trust and business.
- Productivity loss involved replacing a stolen phone and its contents.
- Intellectual property theft, including valuable trade secrets or upcoming product information.
None of the above looks good. But there is positive news. There are distinct lines of defence you can employ against the criminals that can help you fight back against phone snatching and protect your business.
How to fight phone snatching cyber crime: a 16-point plan
Our list is split into two distinct sections: the cyber security side and user behaviour. We’ll start with security.
The cyber security measures are what we, as security specialists, would consider essential for any organisation – of any size – that takes device security seriously.
The behavioural measures should be part of your user education, but consider making some of these points mandatory company policies around phone use. You should expect your employees to be responsible at all times with work devices and be vigilant to the possibility of phone snatching.
Note we’ve also included a few measures that account for scenarios beyond physical phone snatching, to provide comprehensive safety advice.
Cyber security measures
1. Use Mobile Device Management
This can help you centrally and remotely manage a fleet of mobile devices and incorporate many of the security measures in this list. It can also be your ace card in the case of a phone-snatching incident. Device tracking will help you (or preferably law enforcement) find your phone; remote locking will protect data; and remote erase is your ‘nuclear’ option. Some MDMs may even provide backup retrieval.
For smaller businesses, a fully-fledged MDM may be overkill, but you can find apps that perform many of the above functions. A final, important, note for IT departments: ensure Apple devices in a supervised state are deployed, so that MDM profiles cannot be removed.
2. Enable full disk encryption (FDE)
This will encrypt all data on your device, including the operating system. Use a strong password or passphrase to protect the encryption key.
3. Create a power pincode
Require your users’ passwords or number-entry codes to be suitably complex and not something a criminal could easily glean from guesswork, social media or notes on your phone. This means 1,2,3,4 or your date of birth are out. For pattern unlocks, don’t use an L shape – these are easy to guess. Finally, if your phone has fingerprint recognition, use it.
4. Implement a SIM card unlock code
This is separate from your phone pincode and adds an extra layer of security. For instance, if your phone security prevents a criminal from accessing your text messages or calls to access 2FA codes, they may try putting your SIM in another device to gain access. A SIM card unlock code prevents this from happening.
5. Be lock solid
Always set phones to stay locked when not in use, so any phone theft does not lead to a further data theft. Also, in the settings, choose a short timeframe between inactivity and locking up.
6. Be a PoLP pro
‘Principle of Least Privilege’ (PoLP) is a commandment of cyber security and may save the day in the case of phone theft. Ensure that any individual in your organisation can access only the information and resources that are necessary for their role and nothing more.
7. Require multi-factor authentication (MFA) on all accounts
But especially on those logged into from a work phone.
8. Turn off message previews
Turn off this function to make sure thieves won’t see messages about resets of login codes when your phone is locked.
9. Note your IMEI numbers
Type *#06# on your phone keypad. This will show your IMEI number. If you report a phone snatching theft to your mobile operator and provide the IMEI number they can quickly block the phone and even track it down.
10. Control app purchases
Require the use of a business-managed Apple / Google Play ID for all app purchases/ installations.
11. Add a lost/found message to a device
Many devices will allow you to use a Lost Device Mode. When you activate it, a contact number will appear on a homescreen. If a criminal abandons your phone, any good Samaritan can return the device to you via this contact number.
12. Work closely with your mobile provider
Ensure you have all the correct information to contact their security departments in the event of a theft.
Behavioural measures
13. Keep it inside outside
If you can possibly avoid it, don’t use your phone in public places.
14. Use a Bluetooth headset
If you must access your device outside, use a headset so your phone can be safely stashed away.
15. Look before you unlock
Be vigilant in public places. Look around before unlocking and try to shield your screen when using your unlock code.
16. Be train station-savvy
The areas in and around transport hubs are theft hotspots. Avoid using your phone in these places.
Says Jake Ives, Intersys’ Head of Cyber Security,
‘I cannot stress enough the importance of onboarding company-owned devices onto an MDM platform such as Intune or JumpCloud. You can then roll out mobile application protection policies (MAM) and conditional access policies to enforce these to users. This can include users who access organisation data on their work and their personal devices.
‘Also, organisations should spend time reviewing the policies available in their MDM solution, and implement the cyber security measures outlined above. Finally, generally speaking, you should opt for an enterprise-grade device where possible i.e iPhone, Google Pixel, Samsung. These will support many of the security features expected in this day and age.’
Intersys is a cyber security provider offering everything from baseline security consultancy to full security operation centre services. Why not contact us to find out how we can help you keep your devices or your whole IT infrastructure safe.
*Interview from ITV’s Good Morning Britain and reported by The Guardian.