Calls, messages, payments, photos, Internet browsing … Our smartphone is essential today, but also attracts cybercriminals, always more ingenious to infiltrate our devices. Fortunately, a manipulation allows us to protect us.
Last method used by cybercriminals: so-called “zero-click” attacks. Unlike the classic phishing attempts requiring a click on a malicious link, these attacks require no user action. A simple reception of message, image or file may be enough to infect a phone. This is how the graphite spy software, developed by the Israeli company Paragon Solutions, has managed to enter the smartphones of at least 90 journalists and activists in around twenty countries. The process is formidable: a trapped attachment is sent via WhatsApp. It is not even necessary to open the document, the flaw is used upon receipt of the file. In a few seconds, attackers have access to messages and private content.
Faced with this type of invisible threats, cybersecurity experts tried to find parades. Certain precautions have therefore been implemented such as the regular installation of safety updates or the use of robust passwords. But a simple gesture would help to protect themselves effectively against these intrusions: regularly extinguishing your phone.
The idea may seem harmless, but it is based on a very specific technical principle. “Many of this spy software reside only in RAM and do not settle in the system in the system. By restarting your phone, you erase them from your device”, explains Rocky Cole, co -founder of the IVERIFY mobile threat protection company. Clearly, a simple daily restart would be enough to make these ephemeral malware disappear and prevent their persistence.
This advice is also relayed by the NSA (National Security Agency) in the United States, which recommends that users restart their smartphone at least once a week. This reflex limits the action of spy software and makes the task more difficult for cybercriminals. Of course, for more sophisticated spy software like Pegasus, a simple restart is not always enough. Attackers can again infect a device after relying. But this regular action remains an additional barrier against surveillance and hacking.