Mobile security threats (and how to prevent them)

3 hours and 15 minutes is the average amount of time we spend on our phones each day according to RescueTimes.  

With so much time being spent on our devices, the one thing we rarely check is how secure they are. But can you blame us? Accessing what we need on our mobiles is easier than ever with the use of biometric IDs and password keychains. 

Organisations across the world have had to adapt to remote working due to the pandemic. This new sudden shift in the way we work has meant that mobile devices have become more important but also more susceptible to mobile security threats than ever before. 

According to Check Point’s most recent Mobile Security Report, a staggering 97% of organisations faced mobile attacks which used multiple attack vectors in 2020. It’s also an unfortunate truth, but cyber attackers are progressing and becoming more sophisticated in their methods. It’s no wonder the need for organisations to futureproof their mobile security protocols is much greater as a result.   

One of the latest security threats, accessing devices was known as the FluBot.  FluBot was a socially engineered malware disguised as a harmless ‘missed delivery’ message from DHL or DPD with a target set straight on Android devices. Once the user clicked on the link, malicious spyware was installed, which unknown to the victim, allowed hackers access to sensitive data and passwords stored to the device.  

Aside from attacks that focus on the operating system used, it’s suggested at least 40% of the world’s mobile devices are intrinsically susceptible to cyberattacks via hardware.  

Hardware attacks can be hidden in plain sight. This might include attackers accessing information such as call recordings, photos, and GPS data without the user being made aware.  

To prevent mobile security attacks and data leakage, IT leaders need to address mobile risk by equipping employees with the knowledge and tools needed to protect themselves.   

The most common mobile security threats include:  

• Physical threats: Lost or stolen devices can expose users to myriad issues. Devices that aren’t password-protected will allow hackers to easily access personal information. Hackers today are more than able to jailbreak phones to access the mobile information they are after. 
• Using unsecure networks: this type of attack targets those using public Wi-Fi or free hotspots. Spoofed networks are made to look like real networks and may even ask users to create an account with a username and password. This allows hackers to compromise the device and provide that wanted gateway to personal information.  
• App-based mobile threats: When an app which is disguised as legitimate is downloaded and/or given permission by the user for the app to access the device's data. 
• Phishing: Phishing is done through the use of emails, calls, and texts when what is being told to the person appears to be from a trusted source but actually contains malicious links or attachments.  

However, it’s not all doom and gloom. Taking measures such as app vetting and device vulnerability checks with the use of machine learning can help remove human error and take some of the worry away. 

What you can do to improve your mobile security:  

• Keep your phone screen locked: Set your phone to ‘lock when idle’ and be sure to use passcodes, fingerprints or facial recognition.  
• Keep your software updated: Whether you use iOS or Android, make sure to download the latest software updates to help keep hackers out.  
• Be cautious when downloading apps: Firstly, be sure to only use verified app stores. Secondly, look at app reviews and information about the app to verify if it’s legitimate.  

• Equip your devices with anti-malware software: By using anti-malware, you will reduce your risk of falling victim to attacks like FluBot. 
• Avoid unsecured Wi-Fi Hotspots: Hackers create spoof Wi-Fi connections to eavesdrop and collect personal data.  

To further understand the benefits of improving your mobile security, you can download your free eBook, “The SMB Mobile Security Masterclass”, by clicking here. 

In the book, we explore some of the risks that businesses need to be aware of, look at real life examples of security breaches and take you through how you can protect your business with a simple, affordable MDM solution like Android Enterprise Essentials. 

To find out just how simple getting started with Android Enterprise Essentials really is. Click here or get in touch with a member of the Intercity team.