Top 5 threats to your mobile phone

Smartphones and tablets are often the preferred device for communications, web searching, and accessing many types of apps. They’re more portable than laptops and can be used from anywhere. They are not immune from attack though. In this blog, we highlight the top 5 threats to your mobile device – whether that is an iPad or a Samsung Galaxy phone.

Traditional computers are slowly becoming less relevant, with tablets gaining more and more market share as they get ever more powerful. Some mobile phones can even connect to monitors and docking stations now to function just like a traditional laptop.

For example, Microsoft estimates that up to 80% of the workload in many enterprise organisations is now done via mobile devices. Over half of all web searches are also now conducted from a mobile device rather than a desktop PC.

This has caused mobile devices to become more targeted over the past few years. As hackers realise they’re holding the same sensitive information and app access as PCs, they’ve been creating mobile malware and other exploits to breach mobile devices.

According to Checkpoint, in 2020, approximately 27% of organisations were impacted by mobile malware and Statisica reports that 2.5 million people unknowingly downloaded multiple mobile adware apps.

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

• Antivirus/anti-malware
• DNS filtering
• Automated OS and app updates
• Managed backup

You should be on the lookout for the most prevalent threats to your mobile device that allow your data to be leaked or breached. Here’s our take on what those are.

1. MOBILE MALWARE HIDDEN IN APPS

It’s not easy at first glance to tell the difference between a legitimate free app and one that has malware hidden inside.

Scammers will use the same types of flashy graphics, and the app may even have a high star rating (most likely boosted through suspicious means). The app may even do what it says it will do when downloaded.

But malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar).

Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans, and more.

2. UNPROTECTED COMMUNICATIONS

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check to see if the communication was encrypted?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it. WhatsApp, Signal and iMessage all encrypt messages but SMS text messages are sent as plain text so be careful.

3. PUBLIC WI-FI & MAN-IN-THE-MIDDLE ATTACKS

Public Wi-Fi has long been known to be non-secure, yet people still use it when it’s available. They want to save their mobile minutes or get a faster connection.

75% of people admit to connecting to email when on public Wi-Fi. Other activities people will do is sign into apps (even sensitive ones like online banking), and shop online, entering credit card details.

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. This is when a hacker connects to the same network and looks for victims with unprotected communications. They can then capture any type of data they’re transmitting.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications.

4. JUICE JACKING ON PUBLIC USB CHARGING STATIONS

Another public mobile breach danger is public USB charging stations. These are often welcome sights especially if you’re low on battery power. However, hackers can infect public USB charging ports with malware and set up fake charging stations in public areas.

Then, when you insert your USB cord to charge your device, the malware starts copying all the data on your phone and/or infecting it with malicious code. See, USB cables aren’t just for charging, they are also used for data transmission.

It’s best to avoid public USB charging ports and charge with your power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cable to use if USB charging is your only option. (Want to know more about charge-only cables? Dignited.com wrote a great blog about how to tell a data cable from a charging cable here – hint: it’s really difficult!).

5. NON-UPDATED DEVICES

Approximately 40% of Android devices are running outdated operating systems that no longer get vital security updates.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach.

You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

ASK US ABOUT MOBILE DEVICE SECURITY SOLUTIONS

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

Article used with permission from The Technology Press.