How to Keep Your Cell Phone Info Private

As cell phones get smarter and smarter, we tend to store massive amounts of personal and business data on them because they're small, convenient and mobile. But don't let a trade-up become a personal data security disaster.

Also, if you think e-mail phishing is bad, steel yourself for a new varient called "vishing" that relies on persuading victims to reveal their personal information over the phone. And finally, be aware of possibility that smarter phones can lead to snoopier phones (think Android).

Why you should care: You may realize too late that you just sold your message archive and address book to someone for the price of a used smartphone.
Scenario: When the news broke last year that the winding-down campaign of GOP presidential candidate John McCain -- for a bargain-basement price -- sold staffers' BlackBerrys filled with e-mail messages and call records dating back months, as well as a contact list of every major political player in Washington, there was enough egg to liberally coat the faces of everyone at campaign headquarters. Remember, it takes only five minutes to reset a smartphone to its factory-default state. But the McCain campaign is hardly alone in its failure to take this simple precaution. Anyone can buy a used smartphone, and many sellers simply box it up with its data intact before transferring ownership.

Fix: Before you ditch an old phone, use your phone's reset codes or menu options to clear your message archives and your contacts list. Check the ReCellular Data Eraser page to learn how to reset your phone, and follow the instructions, for crying out loud!

Why you should care: This gambit is just one more method at the disposal of conscienceless creeps who want to steal your bank card numbers.

Scenario: Here's how vishing works: You receive an e-mail or get a prerecorded voice message (purportedly from your bank, or PayPal or some other financial institution) informing you that a large transaction -- one you never performed -- has been held up. The message includes a toll-free telephone number that you should call right away to deal with the situation. You're supposed to think: "Spam fraud always involves a URL, right? This phone number must be safe."

But you'd be wrong. You dial the number, and a voice menu prompts you to key in your card number before it transfers you to a company representative. The vishers ask you to enter other information as well, such as the expiration date and/or the CVV number printed on the back of your card. If they're bold, they may even ask you for your billing address's ZIP code and your birth date. If you act without thinking clearly, you might give them everything they ask for. At this point, they have your number -- literally -- so they may just hang up on you or put you on hold indefinitely.

Fix: If you get a fishy (vishy?) call or e-mail, ratchet up your suspicion meter. Never call the number provided in an unsolicited e-mail or voice mail message to follow up on some mystery purchase; instead, dial the bank's number printed on the back of your card. Report vishing attempts to the Internet Crime Complaint Center.

Among the downloadable applets that you can use with the G1 are tools to track the phone's position on a Web page or via text coordinates you can plug into a map, and tools to show you other Android users within a 10-mile radius. Many of the downloadable applications have access to your phone logs and phonebook, and have permission by default to connect to the Internet.

Fix: For many people, these features are useful and welcome. But if you're seriously interested in privacy, think twice before committing to the G1. We recommend waiting until Google tweaks the Android software to protect you better -- or buying a different phone.