Mobile Malware: The Next Big Threat You Should Be Ready For
By its very definition, mobile malware is all the malicious apps and software we’ve come to be aware of; packaged in a way that threatens mobile devices, including cell phones and tablets. There are different types of malware of course, all designed to do or steal something different. But essentially, they all are deployed the same, by inadvertently downloading malicious code to the device. By 2020 there will be over 6 billion mobile-device users, meaning mobile malware is the next frontier for cyber criminals to gain your sensitive information.
How bad is the risk of mistakenly downloading some form of mobile malware? Since there are multiple ways malware can make its way onto your device, pretty high! Downloading a malicious app is the easiest way to infect your mobile device, making sure that you only download from official app stores and checking apps out before you click are the best ways to avoid a bogus app. Opening a malicious link via an email (phishing) or a text (smishing) is the second most common way to download a malicious package. Phishing scams are notoriously successful, so by taking a moment to determine if the link is legitimate or suspicious, we can avoid mistakenly downloading malware. And finally, just like any desktop, by visiting dangerous or unsecure sites, we risk code being downloaded or private information being stolen without us even knowing. Looking to make sure a site is ‘https’ or has an active SSL Certificate is a good rule of thumb before you go to any website. Especially if it takes information such as credit cards or personally identifiable information (PII).
There are different types of malware that are more commonly found on infected mobile devices:
Keyloggers & Spyware– malware that logs your key strokes to steal credentials, personal information and account numbers. These are on the device itself not the webpage so all keystrokes are seen, including texts and calls.
Trojans – this type of malware poses as a legitimate app that upon being downloaded or can be downloaded by clicking on a bad SMS link, and opens a backdoor for attackers to gain unauthorized access to the device.
Ransomware - like on a desktop, this type of file or application is downloaded inadvertently and then activates by holding your device & files “ransom” until you pay up.
These types of malware are not new, we’ve gotten use to hearing about the breaches in the news, but we often don’t think about them when using our phones. And attackers are using this to their advantage by making malware accessible through text messages and apps, both things we often click without thinking twice about. But there are a few best practices we can follow to avoid falling victim to mobile malware.
Use secure Wi-Fi or VPN connections when accessing important or personal data
Be aware of malicious emails and text & learn how to quickly identify them
Only download things from trusted app stores and websites
Install Antivirus on your phone or mobile management software for your employees.
Don’t jailbreak your device, this makes you more available to malicious third-party apps
Mobile malware is just the next way that attackers are taking advantage of our ignorance to steal personal data. But by being aware of the risks and following general best-practices, just like on desktops, you are already minimizing your chances of being affected. Find more security tips on our Blog!