Top Mobile Threats for You to Watch

Who would have thought that smartphones and tablets would become the preferred communication device for both personal and business use? It’s a rhetorical question to be sure, but it raises an important thought: Are these devices susceptible to mobile threats? Do they have mobile security?

Our portable and relatively small devices can do anything a big computer can do: web searches, apps for gaming, education, travel, job searches —  you name it. Often all you have to do is say, “Google (or Siri or Cortana or Bixby)” where can I…?” and the answer is literally in the palm of your hands or even in your ears if you’re using a Bluetooth hearing device.

New Plans for Attack

The use of mobile devices is obviously not limited to personal searches like trying to find the best local pizza: Microsoft estimates that up to 80 percent of the workload in many organizations is now done via mobile devices. More than half of all web searches are also now conducted from a mobile device rather than a desktop PC or Mac.

The activities that were formerly performed on traditional computers are now being done on mobile devices instead. Consequently, mobile devices have become more targeted by cyber criminals than in the past few years. Hackers have realized these portable devices hold many of the same sensitive information and app access as a PC or Mac, so they’re creating mobile malware and other exploits to breach these mobile devices.

In 2020, approximately 36 percent of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

Securing Mobile Devices 

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware.
  • DNS filtering.
  • Automated OS and app updates.
  • Managed backup.

Be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Consider these facts about mobile malware:

  • Hidden malware in apps is really not easy to find. It takes a keen eye and a bit of cynicism.
  • The same types of flashy graphics and  even high star ratings (most likely boosted through suspicious means) are used by scammers. The app may even do what it says it will do when downloaded, but malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar). 
  • Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans and more.

Unprotected Communications

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check first to see if the communication was encrypted? Some automatically encrypt and some do not. What about yours?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it.

Public Wi-Fi and Man-in-the Middle Attacks

Almost everyone who uses public  Wi-Fi, such as in a library or coffee shop, knows that these networks are notorious for being not secure. And yet people still use it when it’s available or convenient or they want to save their mobile minutes or get a faster connection.

Whether it’s because they’re in a foreign country, in an airport, cheap or just  in a hurry, statistics show that 75 percent of people admit to connecting to email when on public Wi-Fi. They also will sign into apps (even sensitive ones like online banking), and shop online, entering credit card details. 

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. These attacks occur when a hacker connects to the same network (airport outlet is a good example) and looks for victims with unprotected communications. They can then capture any type of data being transmitted.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications. There are also some fairly inexpensive devices you can use  such as USB data blockers. They usually cost less than $10 and act like a shield between the public charging station and your device.

Juice Jacking on Public USB Charging Stations

Like the man-in-the middle attacks, juice jacking infects your device with malware and sets up fake charging stations in public areas.

When you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. Remember, USB cables aren’t just for charging. They are also used for data transmission.

It’s best to avoid public USB charging ports (in airports and other public places) and re-charge your low battery device with your own power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.

Non-updated Devices

Approximately 40 percent of Android devices are running outdated operating systems that no longer get vital security updates. IPhones that have been discontinued but still in use are also subject to treachery.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach. You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

Get Protected Now: Ask us about Mobile Device Security Solutions

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

Who would have thought that smartphones and tablets would become the preferred communication device for both personal and business use? It’s a rhetorical question to be sure, but it raises an important thought: Are these devices susceptible to mobile threats? Do they have mobile security?

Our portable and relatively small devices can do anything a big computer can do: web searches, apps for gaming, education, travel, job searches —  you name it. Often all you have to do is say, “Google (or Siri or Cortana or Bixby)” where can I…?” and the answer is literally in the palm of your hands or even in your ears if you’re using a Bluetooth hearing device.

New Plans for Attack

The use of mobile devices is obviously not limited to personal searches like trying to find the best local pizza: Microsoft estimates that up to 80 percent of the workload in many organizations is now done via mobile devices. More than half of all web searches are also now conducted from a mobile device rather than a desktop PC or Mac.

The activities that were formerly performed on traditional computers are now being done on mobile devices instead. Consequently, mobile devices have become more targeted by cyber criminals than in the past few years. Hackers have realized these portable devices hold many of the same sensitive information and app access as a PC or Mac, so they’re creating mobile malware and other exploits to breach these mobile devices.

In 2020, approximately 36 percent of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

Securing Mobile Devices 

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware.
  • DNS filtering.
  • Automated OS and app updates.
  • Managed backup.

Be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Consider these facts about mobile malware:

  • Hidden malware in apps is really not easy to find. It takes a keen eye and a bit of cynicism.
  • The same types of flashy graphics and  even high star ratings (most likely boosted through suspicious means) are used by scammers. The app may even do what it says it will do when downloaded, but malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar). 
  • Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans and more.

Unprotected Communications

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check first to see if the communication was encrypted? Some automatically encrypt and some do not. What about yours?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it.

Public Wi-Fi and Man-in-the Middle Attacks

Almost everyone who uses public  Wi-Fi, such as in a library or coffee shop, knows that these networks are notorious for being not secure. And yet people still use it when it’s available or convenient or they want to save their mobile minutes or get a faster connection.

Whether it’s because they’re in a foreign country, in an airport, cheap or just  in a hurry, statistics show that 75 percent of people admit to connecting to email when on public Wi-Fi. They also will sign into apps (even sensitive ones like online banking), and shop online, entering credit card details. 

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. These attacks occur when a hacker connects to the same network (airport outlet is a good example) and looks for victims with unprotected communications. They can then capture any type of data being transmitted.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications. There are also some fairly inexpensive devices you can use  such as USB data blockers. They usually cost less than $10 and act like a shield between the public charging station and your device.

Juice Jacking on Public USB Charging Stations

Like the man-in-the middle attacks, juice jacking infects your device with malware and sets up fake charging stations in public areas.

When you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. Remember, USB cables aren’t just for charging. They are also used for data transmission.

It’s best to avoid public USB charging ports (in airports and other public places) and re-charge your low battery device with your own power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.

Non-updated Devices

Approximately 40 percent of Android devices are running outdated operating systems that no longer get vital security updates. IPhones that have been discontinued but still in use are also subject to treachery.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach. You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

Get Protected Now: Ask us about Mobile Device Security Solutions

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

Posted in
Dave Hatter

Dave Hatter

Dave Hatter (CISSP, CCSP, CCSLP, Security+, Network+) is a cyber security consultant, writer, educator and on-air media contributor. See hundreds of Dave’s expert interviews on cyber security on his YouTube channel, or tune in to 55KRC every Friday morning at 6:30 for his “Tech Friday” segment.

Share this Blog

Get This Free Resource to Protect Your Business

Checklist: "14 Non-Technical Things You Can Do Today to Protect Your Business from Cyber Crime"

Trending Now: Read More From Intrust IT

2022 Inc. 5000's List

Intrust IT on 2022 Inc. 5000’s List of Fastest Growing Companies

By Tim Rettig | August 18, 2022

CINCINNATI – Intrust IT, a cyber security and IT support company, has been named on the 2022 Inc. 5000’s prestigious annual list of fastest growing companies. For the fourth time, Intrust has ranked among America’s most successful and rapidly growing private businesses. Since its establishment in 1992, the IT company has been putting the “service”…

Microsoft Office Auditing Case Study

How One Client Saved 28K with Microsoft Office 365 Auditing

By Intrust Man | June 16, 2022

We saved one client over $28,000 per year on Microsoft Office 365 licenses through our Office 365 auditing process.  Here at Intrust, almost all of our clients use Microsoft Office 365 licensing for some combination of email hosting, Office software, and Dynamics CRM. Sometimes clients who had Microsoft 365 prior to their relationship with Intrust…

Managed Microsoft 365 featured image

Managed Microsoft 365: 9 Benefits of Managed IT Services

By Tim Rettig | June 16, 2022

If you are using or considering Microsoft 365 for your business? Consider this: Managed Microsoft 365 is even better. Managed 365 means that a managed service provider (MSP) correctly configures, optimizes and provides ongoing support for your Microsoft 365 installation. Here are nine reasons why your company should partner with an MSP for your Microsoft…