These are the screenshots on your phone, and hackers will always try to steal them.
Taking a screenshot on your phone is incredibly simple, and sometimes we do it without even realizing it. Hackers might target these screenshots stored on your device. We'll tell you which ones are most frequently requested and what you should do to avoid problems and stay safe at all times.
If you don't delete them, the screenshots will remain in your phone's gallery, just like any photo you take with your camera. You'll be able to access them at any time, but this also means that if an attacker gains access to your device through malware, they'll be able to view all of the content.
You can take a screenshot to send that image to someone else, to save it to yourself on another device, or to obtain some kind of long-term, more easily accessible information. The problem is that if you fall victim to certain types of malware, such as Luma infostealer, your stored files, including these screenshots, could be stolen.
- Usernames or passwords
A clear example of this is screenshots that include usernames, passwords, or 2FA codes. You might have taken a screenshot of your Wi-Fi password, a very long password you use to access your email, or any other details related to your login credentials for any platform.
This is a mistake. You should never write down passwords or usernames. And certainly do not save screenshots on your phone. Whether in the short or long term, an attacker could access these images, potentially compromising your privacy and security. Your photo gallery isn't encrypted, unlike a good password manager.
- Official documents
For some reason, you might need to take a screenshot of an official document, such as a scanned ID card, passport, or something similar. This allows you to send it via mail or use it on certain platforms that might ask for information from you at a specific time, such as your passport number, which you don't know by heart.
It's also not a good idea to store these kinds of screenshots on your phone. Someone could gain access to your device and use these documents to impersonate you. They could make purchases in your name, register users on social networks as if they were you, and so on.
Bank details
Of course, bank details are another example of screenshots you should never take. This includes your account's IBAN, bank statement, or any information that could link you to the bank, even if it's just the bank's name. If someone sees that you have an account with BBVA, in addition to obtaining specific data, they might launch a targeted phishing attack.
In many cases, banking apps no longer allow screenshots, precisely for the reasons mentioned. They consider it a potential security risk and display a message stating that this action is not possible.
- Private conversations
Saving a screenshot of a private WhatsApp conversation, a direct message on social media, or an email might seem harmless, but it's not a good idea to store it on your phone. For example, that screenshot might contain someone else's name, phone number, or other information that could affect not only you but also a third party.
These images, even if you think they'll only be available on your phone, could fall into the wrong hands. Therefore, it's important to be cautious and not give any opportunity to cybercriminals who might be targeting you.
- Confirming orders or tickets
The order confirmation should also be noted, where the reference number, for example, is displayed. They could use this against you by accessing that platform and entering this code or simply by seeing what you purchased and using it in future phishing attacks, impersonating that brand.
Additionally, it's not a good idea to take screenshots of tickets you received for events like a football match or concert. These tickets will contain a reference code, a QR code, or something similar. If someone steals it, they essentially own the ticket and can sell it online or enter the event as if it were yours.
In short, these are some examples of screenshots you should never take and keep on your phone. If you need to save codes or any kind of information, we recommend using encrypted apps or even saving copies of documents or anything else you need to the cloud or email, but never use screenshots. Tools like Bitwarden or 1Password (with AES-256 encryption) not only store passwords but also include "secure notes" where you can store text or documents in a fully encrypted format.