Top Mobile Threats for You to Watch

Top Mobile Threats and Mobile Security Tips

Who would have thought that smartphones and tablets would become the preferred communication device for both personal and business use? It’s a rhetorical question to be sure, but it raises an important thought: Are these devices susceptible to mobile threats? Do they have mobile security?

Our portable and relatively small devices can do anything a big computer can do: web searches, apps for gaming, education, travel, job searches —  you name it. Often all you have to do is say, “Google (or Siri or Cortana or Bixby)” where can I…?” and the answer is literally in the palm of your hands or even in your ears if you’re using a Bluetooth hearing device.

New Plans for Attack

The use of mobile devices is obviously not limited to personal searches like trying to find the best local pizza: Microsoft estimates that up to 80 percent of the workload in many organizations is now done via mobile devices. More than half of all web searches are also now conducted from a mobile device rather than a desktop PC or Mac.

The activities that were formerly performed on traditional computers are now being done on mobile devices instead. Consequently, mobile devices have become more targeted by cyber criminals than in the past few years. Hackers have realized these portable devices hold many of the same sensitive information and app access as a PC or Mac, so they’re creating mobile malware and other exploits to breach these mobile devices.

In 2020, approximately 36 percent of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

Securing Mobile Devices 

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware.
  • DNS filtering.
  • Automated OS and app updates.
  • Managed backup.

Be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Consider these facts about mobile malware:

  • Hidden malware in apps is really not easy to find. It takes a keen eye and a bit of cynicism.
  • The same types of flashy graphics and  even high star ratings (most likely boosted through suspicious means) are used by scammers. The app may even do what it says it will do when downloaded, but malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar). 
  • Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans and more.

Unprotected Communications

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check first to see if the communication was encrypted? Some automatically encrypt and some do not. What about yours?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it.

Public Wi-Fi and Man-in-the Middle Attacks

Almost everyone who uses public  Wi-Fi, such as in a library or coffee shop, knows that these networks are notorious for being not secure. And yet people still use it when it’s available or convenient or they want to save their mobile minutes or get a faster connection.

Whether it’s because they’re in a foreign country, in an airport, cheap or just  in a hurry, statistics show that 75 percent of people admit to connecting to email when on public Wi-Fi. They also will sign into apps (even sensitive ones like online banking), and shop online, entering credit card details. 

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. These attacks occur when a hacker connects to the same network (airport outlet is a good example) and looks for victims with unprotected communications. They can then capture any type of data being transmitted.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications. There are also some fairly inexpensive devices you can use  such as USB data blockers. They usually cost less than $10 and act like a shield between the public charging station and your device.

Juice Jacking on Public USB Charging Stations

Like the man-in-the middle attacks, juice jacking infects your device with malware and sets up fake charging stations in public areas.

When you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. Remember, USB cables aren’t just for charging. They are also used for data transmission.

It’s best to avoid public USB charging ports (in airports and other public places) and re-charge your low battery device with your own power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.

Non-updated Devices

Approximately 40 percent of Android devices are running outdated operating systems that no longer get vital security updates. IPhones that have been discontinued but still in use are also subject to treachery.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach. You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

Get Protected Now: Ask us about Mobile Device Security Solutions

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

Who would have thought that smartphones and tablets would become the preferred communication device for both personal and business use? It’s a rhetorical question to be sure, but it raises an important thought: Are these devices susceptible to mobile threats? Do they have mobile security?

Our portable and relatively small devices can do anything a big computer can do: web searches, apps for gaming, education, travel, job searches —  you name it. Often all you have to do is say, “Google (or Siri or Cortana or Bixby)” where can I…?” and the answer is literally in the palm of your hands or even in your ears if you’re using a Bluetooth hearing device.

New Plans for Attack

The use of mobile devices is obviously not limited to personal searches like trying to find the best local pizza: Microsoft estimates that up to 80 percent of the workload in many organizations is now done via mobile devices. More than half of all web searches are also now conducted from a mobile device rather than a desktop PC or Mac.

The activities that were formerly performed on traditional computers are now being done on mobile devices instead. Consequently, mobile devices have become more targeted by cyber criminals than in the past few years. Hackers have realized these portable devices hold many of the same sensitive information and app access as a PC or Mac, so they’re creating mobile malware and other exploits to breach these mobile devices.

In 2020, approximately 36 percent of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

Securing Mobile Devices 

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware.
  • DNS filtering.
  • Automated OS and app updates.
  • Managed backup.

Be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Consider these facts about mobile malware:

  • Hidden malware in apps is really not easy to find. It takes a keen eye and a bit of cynicism.
  • The same types of flashy graphics and  even high star ratings (most likely boosted through suspicious means) are used by scammers. The app may even do what it says it will do when downloaded, but malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar). 
  • Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans and more.

Unprotected Communications

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check first to see if the communication was encrypted? Some automatically encrypt and some do not. What about yours?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it.

Public Wi-Fi and Man-in-the Middle Attacks

Almost everyone who uses public  Wi-Fi, such as in a library or coffee shop, knows that these networks are notorious for being not secure. And yet people still use it when it’s available or convenient or they want to save their mobile minutes or get a faster connection.

Whether it’s because they’re in a foreign country, in an airport, cheap or just  in a hurry, statistics show that 75 percent of people admit to connecting to email when on public Wi-Fi. They also will sign into apps (even sensitive ones like online banking), and shop online, entering credit card details. 

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. These attacks occur when a hacker connects to the same network (airport outlet is a good example) and looks for victims with unprotected communications. They can then capture any type of data being transmitted.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications. There are also some fairly inexpensive devices you can use  such as USB data blockers. They usually cost less than $10 and act like a shield between the public charging station and your device.

Juice Jacking on Public USB Charging Stations

Like the man-in-the middle attacks, juice jacking infects your device with malware and sets up fake charging stations in public areas.

When you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. Remember, USB cables aren’t just for charging. They are also used for data transmission.

It’s best to avoid public USB charging ports (in airports and other public places) and re-charge your low battery device with your own power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.

Non-updated Devices

Approximately 40 percent of Android devices are running outdated operating systems that no longer get vital security updates. IPhones that have been discontinued but still in use are also subject to treachery.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach. You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

Get Protected Now: Ask us about Mobile Device Security Solutions

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

Posted in
Dave Hatter

Dave Hatter

Dave Hatter (CISSP, CCSP, CCSLP, Security+, Network+) is a cyber security consultant, writer, educator and on-air media contributor. See hundreds of Dave’s expert interviews on cyber security on his YouTube channel, or tune in to 55KRC every Friday morning at 6:30 for his “Tech Friday” segment.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Cybersecurity for Small Businesses Threat Management Strategies - Intrust IT

Cybersecurity for Small Businesses: Threat Management Strategies

The threat of cybercrime looms larger than ever before. With each passing year, we witness a staggering rise in cyberattacks,...
The Crucial Role of Data Backup in Business Continuity and Disaster Recovery - Intrust IT

The Crucial Role of Data Backup in Business Continuity and Disaster Recovery

Data is the lifeblood of any modern business operation. All organizations rely heavily on digital information, from customer and financial...
What is Two Factor Authentication, and Why Does it Matter - Intrust IT

What Is Two Factor Authentication, and Why Does It Matter?

You’ve likely seen security updates on your phone or computer asking you to set up 2FA or MFA to increase...
Should Information Technology Companies Allow Workers 9 Days AFK - Intrust IT

Should Information Technology Companies Allow Workers 9 Days AFK?

At Intrust IT, we know how powerful stepping away from work can be for our employees’ well-being. We became employee-owned...
The Advantages of Opting for a Managed SOC - Intrust IT

Benefits of Continuous Cybersecurity Monitoring with a Managed Security Operations Center (SOC)

Introduction: The Importance of Robust Cybersecurity in Today's Digital Age As a leading managed service provider, we’ve seen cyber threats...
Local Government Security Breaches Are City Managers Prepared - Intrust IT

Local Government Security Breaches: Are City Officials Prepared?

Virtually every day there’s a new headline about novel cyber threats, government security breaches and municipal government cyber attacks that...