People once used traditional desktop computers. Now, people are using mobile devices instead, often to the point of not wanting a desktop at all.
Microsoft estimates that up to 80% of the work in modern enterprise organizations now gets done using mobile devices. Well over half of all web searches come through a mobile device these days as well.
Due to this market pressure, mobile devices have become more targeted in recent years for cybercrime. Hackers realized that mobile devices hold most of the same sensitive information and access to apps and programs that PC’s used to carry. Therefore, they’ve been writing mobile malware, ransomware, and phishing programs to exploit mobile devices.
As of 2020, around 36.5% of organizations were damaged by mobile malware, while 2.5 million people willingly downloaded multiple mobile adware apps.
We need to start treating mobile devices the same way as we treat computers regarding security. Smartphones and tablets desperately need the same types of security precautions installed, including:
- Antivirus/anti-malware
- DNS filtering
- Automated OS and app updates
- Managed backup
Always be on alert for the most common mobile device threats which would leak your data and breach your security. We rounded them up for you.
1. Mobile Malware Hidden in Apps
It’s hard at first glance to tell the difference between a legitimate free app and a malware infected one.
Criminals will offer the same flashy graphics, while the app may even have a high star rating (probably boosted by illicit means). The app may even do what it says on the label.
Malware can still hide behind the scenes, infecting a device as soon as the app is installed. Just to make things worse, many of these apps hide once on your phone or tablet by stealing the icon of a common default system app (such as calendar or settings).
Mobile malware includes all the same varieties of malware that infect computers, such as adware, spyware, ransomware, trojans, and whatever else a criminal can dream up.
2. Vulnerable Communications
Ever sent someone a password or credit card details through a messaging app or a text message? Ever check to see if the communication was encrypted?
Using text based or messenger based communication from a mobile device isn’t always a good idea. Those methods of communication usually aren’t very secure. Sensitive information that’s not encrypted presents easy opportunities for interception by a cybercriminal.
3. Public Wi-Fi & Man-in-the-Middle Attacks
People really like saving their mobile minutes and getting faster connections. To get those, we often use public Wi-Fi even when we know it’s not secure.
People then don’t think before using public Wi-Fi. If we sign into sensitive apps like online banking, shop online while entering credit card details, or sign into our email, someone can grab those credentials.
75% of people surveyed admit to connecting to email when on public Wi-Fi. The survey didn’t ask everyone, and obviously some people don’t want to tell the whole truth, so it’s probably even higher.
Using public Wi-Fi leaves us at high risk of man-in-the-middle attacks. This type of attack occurs when a hacker connects to the public Wi-Fi network and uses their own software to look for people with unprotected communications. Once they find their targets, all the transmitted data from those targets is ripe for the taking.
If using public Wi-Fi, use a Virtual Private Network (VPN) app as well. VPNs automatically encrypt all communications.
4. Juice Jacking on Public USB Charging Stations
What’s with all the slang? Well, it’s both quicker to use and keeps ignorant people out of the loop. Juice jacking occurs through public USB charging stations. Those ports are often welcome sights, especially when we’re low on battery. They’re accessible to everyone, right? That’s the problem. Hackers can easily infect those public USB ports with malware, or even set up fake charging stations in high traffic public areas.
We insert our USB cords, start charging our devices, and that malware copies all our data to the hacker while infecting our device with malicious programming. USB cables primary use is data transmission, not power charging.
In public, use a power adapter that plugs into an outlet, aka a “wall wart”. Traditional three prong plugs only transmit power, not data. Alternatively, purchase a “charge only” USB cord if USB charging is frequently the only option. Do not randomly hook up a data transmission cord to ports you don’t know.
5. Not Getting Updates On Time
Right around 40% of Android devices are running outdated operating systems. When a company retires an operating system, they quit providing updates for it.
Whenever a smartphone or tablet is regularly updated, then it’s easier for a criminal to exploit that mobile device by that taking advantage of code vulnerabilities in the OS or one of the outdated installed apps.
Plenty of companies fail to keep up with employee work device updates. Ignoring updating puts all of that company’s networks at progressively higher risk for breaches and attacks.
Ensure that all apps and the core operating system are kept current. Most of these updates include critical security patches.
Why Do We Publish These?
Here at NoContractVoIP, we believe that your success is our success. To get the latest helpful content delivered to your inbox every month, subscribe to our newsletter here.
Looking for the finest stress-free custom business telephone systems? Contact us or call today at 866-550-0005!