Disconnect your device from the Internet when you aren’t using it and make sure your device isn’t programmed to automatically connect to Wi-Fi. The likelihood that attackers will target you becomes much higher if your device is always connected.

With automatic Wi-Fi connectivity enabled, your phone will connect to any known network or SSID that doesn’t require a password. You might be at risk if these Wi-Fi connections are monitored by untrusted third-parties. Configure your mobile devices to forget networks you no longer need, or just turn off Wi-Fi entirely.

Phone and tablet software should be vetted by approval teams to ensure their quality and security. Such processes are routine on official app stores, but cannot be assured with third-party sources. Accordingly, steer clear of unofficial storefronts or sideloaded apps from websites.

It’s not as popular as it was in the early 2010s, but jailbreaking (or rooting) a mobile device is still a risky practice. It removes many built-in protections and allows the installation of unapproved applications. Stick with the standard OS and keep it updated.

What if you left your phone behind in a public place? Without a passcode on the lock screen, its contents would be fully accessible to anyone who had it. Configure a passcode, along with other even more secure options such as a fingerprint or facial recognition scan, if available on your device.

Have you ever wondered if someone was secretly listening to your conversations? Many mobile apps, including hundreds of popular games, do exactly that, by scanning for ambient audio cues to better target their advertisements. For your own privacy, consider disabling microphone access for such applications unless you’re actively using it in them.