Mobile Security

With so much personal data stored in today's smartphones, it is especially important to be proactive in protecting yourself and your information.



Cellcom understands that robocalls are a nuisance and is committed to doing our part to combat illegal robocalls. Together with the industry, strides are being made in the fight against this illegal activity. We have already taken steps on our network to reduce illegal calls. Read on to learn more about what we are doing and what you can do.

What is a robocall?

Robocalls are phone calls that are dialed automatically, often using a computer. We have all received a robocall at some point in our lives. Some are useful, while others are annoying and even illegal. Useful robocalls include those about flight delays, school closures or appointment reminders. Legal robocalls may come from debt collectors, some telemarketers, and political parties.

Are robocalls illegal?

Yes, robocalls can be illegal. Those that ignore federal and state laws governing the use of auto dialers and prerecorded messages to call consumers are considered illegal. These calls can range from unlawful solicitations for products or services to fraudulent and criminal activity.

What can I do to protect myself?

Activate existing blocking options on your device. Features such as Samsung Smart Call, Google Call Screen and iOS Silence Unknown Callers may help you screen calls before you pick up the phone.

To learn more about each feature, click on the links below.

  • Samsung Smart Call
  • Google Call Screen
  • iOS Silence Unknown Callers

    A note on iOS Silence Unknown Callers: This option may not be suitable for everyone, especially if you want to receive an emergency call from a school or hospital, or if you use your phone as a business device. By silencing every unknown number, you could miss out on essential communications. Even numbers you have interacted with could be at risk with this solution. Many companies mask or reroute numbers to protect caller security, which could potentially get caught in the Unknown Callers filter.

What third-party apps are available?

There are third-party apps available for combatting robocalls. Truecaller and Hiya are highly rated applications, both with free versions for iOS and Android.

To learn more about each app, click on the links below.

What should I do if I receive an unwanted robocall?

If you receive an unwanted Robocall, follow these tips provided by the FCC:

  • Don’t answer calls from unknown numbers. If you answer a suspicious call, hang up immediately.
  • You may not be able to tell if an incoming call is spoofed. Be aware, caller ID showing a “local” number does not necessarily mean it is a local number.
  • If you answer the phone and the caller or recording asks you to push a button to stop receiving calls, hang up. Scammers often use this trick to identify potential targets.
  • Do not respond to any questions, especially those that can be answered with "yes".
  • Do not give out personal information.
  • If you receive a call from someone that says they represent a company or government agency, hang up and call the number on your account statement, in the phone book or on the company or government agency’s website to verify this request. You will usually get a written statement in the mail before you get a call from a legitimate source.
  • Use caution if you are being pressured for information.
  • To block telemarketing calls, register your number on the Do Not Call List at Legitimate telemarketers consult the list to avoid calling both landline and wireless phone numbers on the list.
  • Improve the effectiveness of our network tools used to filter scam calls by reporting them at

What is Cellcom doing to protect customers from Robocalls?

Cellcom continues to take steps to protect our customers, including:

  • Blocking invalid numbers
  • Participating in industry traceback efforts to identify the source of illegal robocalls, which allows law enforcement agencies to take action as appropriate.
  • Dynamically ranking calls based on suspicious behavior and then filtering based on that ranking.

We continue to implement the STIR/SHAKEN call authentication on our network, as outlined in the TRACED Act. This technology diminishes the ability of robocallers to illegally spoof caller ID and improves a carrier’s ability to provide helpful information to consumers, ultimately restoring trust in caller ID.

What can I do if my number has been mislabeled or incorrectly blocked?

If your number has been incorrectly labeled or blocked, please call us at 800-236-0055.

Malicious Apps

Malicious Apps

Malicious apps put your device and personal information at risk. You should treat your smartphone as you would your desktop. Apps remain the most common way your phone and data stored in it can be compromised, so be discerning and responsible with the apps you choose to download. While there is no fool-proof method for avoiding malicious apps, here are some tips to help keep your device and personal information safe.

Be leery of paid apps being available for free from an outside website.

App developers do occasionally discount the price of their app, but usually do so within the official app store. A free app offer on an outside website should be a red flag that the app is not legitimate and is probably malicious in nature.

Knock–off apps may have a hidden motive.

Once an app becomes a hit, it's almost guaranteed that imitation apps will flood the marketplace. Some of these apps are just trying to steal downloads from the hit app, but others may be trying to infect your device or steal personal information.

Check the downloads and reviews.

Use the additional feedback given by fellow consumers to see if an application is living up to the developer's intentions. An app with a lot of downloads, high ratings and positive reviews will usually indicate an app is meeting expectations. An app with fewer downloads, low ratings and complaints can signal a questionable app.

Review permissions.

Be aware of what parts of the phone you are giving the application access to and make sure you are comfortable with granting the access. If something doesn't seem right, don't download it. Your smartphone contains a lot of sensitive information; it's important to be proactive and protect that information.

Use apps to evaluate your apps.

There are a number of security applications out there to help you. The Mobile Security App by McAfee offers privacy, anti-theft, web and antivirus protection. You can also receive the ability to back up and restore data and device performance optimizing tools.

  • The McAfee Mobile Security premium app is offered at no cost to Total Coverage Program subscribers or can be purchased as a stand-alone option as well.



The most common response to security breaches is "change your password." You may tire of hearing this and ignore the requests to do so, but a strong password that's changed regularly remains the best security measure. Follow these password tips:

Create a strong password.

  • At least eight characters long
  • Does not contain your user name, real name, or company name
  • Is not simply one complete word or something obvious (birth date, phone number, company name, user name, or successive numbers such as 123456 or 000000)
  • Is significantly different from previous passwords
  • Contains characters from each of the following categories
    • Uppercase letters
    • Lowercase letters
    • Numbers
    • Symbols found on the keyboard (~ ! @ # $)

Use a unique password whenever possible.

Especially for services that have access to sensitive information like bank accounts, shopping sites and email accounts. Using the same password across the board puts all of your accounts at risk if one service is compromised.

Change your passwords on a regular basis.

Passwords are often stolen without the knowledge of the victim, and stolen passwords often aren't used immediately. Even if you're not aware your password was stolen, if you change it periodically you may protect yourself before a thief has an opportunity to use it.

Stolen Phones

Stolen Phones

To protect private data on a device in the event that it is lost or stolen, Cellcom encourages customers to do the following:

  • Lock handsets with a pass code to prevent access and use of the device.
  • Back up photos, videos, contacts and emails that you would want if your phone ever went missing. Save them to your computer, a USB drive or cloud service.

In the event that your phone goes missing, Cellcom suggests the following action steps:

  • Contact Cellcom's Customer Care immediately in the event that a device is lost or stolen. Customer care can suspend service to the phone to prevent use of existing service on the line and review options to temporarily or permanently replace the device.
  • If you believe your phone has been stolen, contact the police to file a report. Cellcom works with local law enforcement officials on cases related to cell phone theft.
  • Use your mobile security to lock, locate and erase the private data on your device. Remember that safety should be your number one priority, so please do not try to recover your phone on your own.
  • Remote Find
    • It is important that you complete a device search as soon as you realize the device is missing. If too much time passes, the device battery may drain making it unsearchable.
    • If you wish to have the ability to search for the equipment in the event it is lost, you should turn on your location services.
  • Remote Lock
    • Smart devices will give you the ability to lock your device remotely and display a message on the screen. If a device is missing and you believe you’ve left it somewhere, you can lock the device and display where the device can be returned to or who to call if the device is found.
  • Remote Wipe
    • Smart devices will also give you the ability to erase your device remotely. Once the device is erased, it cannot be searched using the remote find functionality. The device will be wiped of all content including applications, photos, etc. If the device is not online, the wipe will typically take place once the device is back online.
  • Using Remote Find/Wipe/Lock

Wi-Fi Security

Wi-Fi Security

Wi-Fi hotspots in public places are convenient, but often not secure. If you connect to a Wi-Fi network and send information through websites or mobile apps, it has potential to be accessed by someone else.

Encryption is the key to keeping your personal information secure online. Encryption scrambles the information you send over the internet into a code so it's not accessible to others. When you're using wireless networks, it's best to send personal information only if it's encrypted, either by an encrypted website or a secure Wi-Fi network. An encrypted website protects only the information you send to and from that site. A secure wireless network encrypts all the information you send using that network.

The Federal Trade Commission offers these tips to protect your information when using public Wi-Fi:

  • When using a hotspot, log in or send personal information only to websites you know are fully encrypted. To determine if a website is encrypted, look for https at the start of the web address (the "s" is for secure). Look for https on every page you visit, not just when you sign in. If you think you're logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
  • Unlike websites, mobile apps don't have a visible indicator like https. Researchers have found that many mobile apps don't encrypt information properly, so it's a bad idea to use certain types of mobile apps on unsecured Wi-Fi. If you plan to use a mobile app to conduct sensitive transactions — like filing your taxes, shopping with a credit card, or accessing your bank account — use a secure wireless network or your phone's data network. If you must use an unsecured wireless network for transactions, use the company's mobile website rather than the company's mobile app, so you can check for the https at the start of the web address.
  • Don't stay permanently signed in to accounts. When you've finished using an account, log out.
  • Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.
  • Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
  • Consider changing the settings on your mobile device so it doesn't automatically connect to nearby Wi-Fi. That way, you have more control over when and how your device uses public Wi-Fi. Once you are all done with your web browsing, make sure to log off any services you were signed into. Then, tell your device to forget the network.
  • If you regularly access online accounts through Wi-Fi hotspots, use a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can get a personal VPN account from a VPN service provider. In addition, some organizations create VPNs to provide secure, remote access for their employees. VPN options are also available for mobile devices and can encrypt information you send through mobile apps.
  • Some Wi-Fi networks use encryption: WEP and WPA are common, but they might not protect you against all hacking programs. WPA2 is the strongest.

Source: Federal Trade Commission

Phone Scams

Phone Scams

Your mobile device is subject to a wide array of scams through calls, text and emails. Being aware of what's true and what's not plays a large part in being a responsible citizen of the digital world. At Cellcom we're constantly monitoring for scams and will alert customers to widespread threats, but it's important to be cautious.

Never give out your personal information to an incoming caller.

This includes your social security number, credit card number, passwords or banking information. A legitimate business, including Cellcom, will not initiate a call and ask for this information.

Don't trust the caller ID.

Spoofing scams are commonplace and can make calls appear to be from a local, familiar number. If you don't know the number and are not expecting a call, it can be helpful to screen calls by letting them go to voicemail. If no voicemail is left, we advise to not call the number back as the owner of the number is not the one originating the phone call and the owner of the number will have no knowledge of the call.

If you receive an "urgent" voicemail, text or call about an account, defer to the phone number on your statement to check your account status.

Do not call the number that is in the message or provided by the caller. If you’re on a call and have suspicions, ask for a call back number and investigate further online before continuing the conversation.

Register your phone number.

To avoid telemarketers and potential scammers from calling, you can register your phone number on the National Do Not Call Registry by going to

Limit exposure of your mobile phone number.

Think carefully before posting your mobile phone number to a public website. Attackers can use software to collect mobile phone numbers from the web and then use those numbers to target attacks.

Block phone numbers.

If you continue to receive unwanted calls from a recurring phone number, consider blocking the number on your iPhone or Android.

Do not follow links sent in suspicious email or text messages.

Such links may lead to malicious websites.

Do not open attachments that you are not expecting or from unknown sources.

These attachments can contain harmful viruses.

You can report phone scam attempts to the FCC.

Remember, these scam attempts can affect all types of phone lines on any carrier. Scammers constantly find new ways to circumvent systems in place, so it's important to be alert to new and changing threats.

Phone Settings

Phone Settings

Consumers are increasingly using mobile phones for capabilities formerly available only on PCs. The bulk of mobile phone security relies on the user making intelligent, cautious choices. Even the most careful users can still fall victim to attacks on their mobile phones. However, following best practices from the US Department of Homeland Security for mobile phone security can reduce the likelihood or consequences of an attack.

Configure the device to be more secure.

Smartphones have a password feature that locks the device until the correct PIN or password is entered. Enable this feature, and choose a reasonably complex password. Enable encryption and remote wipe capabilities, if available.

Configure web accounts to use secure connections.

Accounts for certain websites can be configured to use secure, encrypted connections (look for "HTTPS" or "SSL" in account options pages). Enabling this feature deters attackers from eavesdropping on web sessions. Many popular mail and social networking sites include this option.

Carefully consider what information you want stored on the device.

Remember that with enough time, sophistication, and access to the device, any attacker could obtain your stored information.

Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi.

Attackers can exploit vulnerabilities in software that use these interfaces.

Set Bluetooth–enabled devices to non–discoverable.

When in discoverable mode, your Bluetooth-enabled devices are visible to other nearby devices, which may alert an attacker or infected device to target you. When in non-discoverable mode, your Bluetooth-enabled devices are invisible to other unauthenticated devices.

Avoid joining unknown Wi-Fi networks and using public Wi-Fi hotspots.

Attackers can create phony Wi-Fi hotspots designed to attack mobile phones and may patrol public Wi-Fi networks for unsecured devices. Also, enable encryption on your home Wi-Fi network.

Delete all information stored in a device prior to discarding it.

Check the website of the device's manufacturer for information about securely deleting data. Cellcom will also assist you to securely wipe your device before it is traded in or recycled.

Use third-party services for encryption on your laptop/iPad or mobile device.

If you wish to encrypt phone data when it is backed-up to your PC, use third-party software.

Download mobile security applications.

Utilize applications available from app stores for anti-virus protection, app assessment and remote wiping capabilities.

Stay updated.

Often times, software updates will contain security updates. For this reason, you should be encouraged to keep your operating systems up to date on your handsets.

Kids and Smartphones

Kids & Smartphones

Today's kids are using wireless at early ages to do everything from keeping connected with family and friends to using applications for education and safety to entertainment.With technology so ingrained in everyday life, it is more important than ever to educate yourself and talk to your kids about being safe.

Educate yourself.

Parents are the first line of defense and the best resource in protecting kids from the dangers of cyberspace, so it's important that you educate yourself. Know how your kids use wireless devices; ask what apps and features they're using on their phone. If you need to learn to use your own device better, ask your favorite Cellcom associate.

Set rules.

Laying groundwork for when and how kids can use their phone can help them make better decisions. Set clear limits in regards to where they are allowed to go on the Internet, who they may have contact with, and what information they can share. Sharing personal information like name, school, location and age should be strongly discouraged because information posted is a lot more public and permanent than it seems.

Check settings.

Review the settings on a child's smartphone and social profiles to see what information is being shared publicly. Know that location settings can be turned off on all smartphones and most social networks have privacy controls that should be used.

  • iOS 12 comes with enhanced Privacy and Security features such as: Enhanced tracking prevention, Automatic strong passwords, and more. A list of the iOS 12 Security features are available here,


Built-in features like Restrictions and Family Sharing for iPhone® Parental Controls for Android™ allow parents to restrict app downloads, restrict access to explicit music and restrict books, movies and TV that are not age-appropriate. These features are great ways to reinforce rules that are already set.

  • On iPhones, parents should visit the "Screen Time" menu on their child's phone. This allows a parent to create a pass code on their child's device and set restrictions on the use of the Internet, camera, app downloads and more. You can also block specific websites, apps that might not be age-appropriate and access to location information.
  • On iPhones, parents can also set up "Family Sharing". This allows parents to approve or decline downloads of paid and free applications on their child's phone. When you are part of a family sharing group, you can also locate other members of your family, as well as locate lost devices.
  • On Android devices, parents should visit the "Parental Control" menu in the Google Play store. This allows a parent to create a pass code on their child’s device and set restrictions on what content can be downloaded or purchased.
  • These features are ways to reinforce rules that are already set. It's important to have discussions with your children to make sure they know what's right and wrong and know what you may be blocking and why.

Talk about it.

It's important to have discussions with your children to make sure they know what's right and wrong and know what you may be blocking or watching and why. Keep the lines of communication open and let your child know they can come to you if they see something inappropriate online.

Remind, remind, remind.

It's very easy to get caught up in the moment. Sharing is often an instantaneous reaction, so remind your child to make an effort to stop and think before posting. They should never share anything that could hurt or embarrass themselves or others. Remember once something is shared, it is out of their control whether someone else will forward it.



Geotagging is a feature on smartphones that allows the user to add geographical location data to photos, video, tweets or social media status updates. Automatic geotagging can occur on smartphones either because it is enabled by default on the device or the user was asked about enabling this option and then forgot about it. As result, you may share more information than intended about your location when you snap photos with your smartphone and post them online. Geotagging can be a fun and useful feature when you want to interact with specific friends or to tag photos to show where they were taken.

Protecting your privacy

  • Geotagging has the potential for misuse. If the GPS option is always on, others can watch your geotags over time to determine where you live, where you work, or observe your routine movements. This could make it easier for a burglary to occur when you are away from home or for predators to track your children.
  • When you do not want to publicly disclose your location, consider taking the precaution of turning off the location on your phone to protect yourself and your private information.
  • Review application permissions to determine if an application uses your location. If it unnecessarily asks for permission to use your location, you may want to consider not downloading it or disabling the location services for the app.
  • We encourage parents to take a look at the settings on their children's phones, too, to help keep them safe.

Disable Geotagging

Android Devices:

  • To completely disable GPS location finding for all applications, go to Menu>Settings>Location & Security. Uncheck 'use wireless networks' and 'use GPS satellites'.
  • To disable GPS for only the camera application, start the camera application and in that menu select 'location' and select 'off'.

Apple Devices:

  • Go to Settings>Privacy>Location Services. From this menu you can either turn off all services that use the GPS with one tap or choose which apps can use your location.