By 2020, there will be over 6 billion smartphone users worldwide.
With that many smartphones in play at one time, it’s noteworthy that both users and hackers have very limited interest. Mobile malware, for example, is relatively infrequent, with only 8% of all malware infections taking place on phones.
For every mobile hacking attack, there are exactly forty on PCs, largely due to the fact that mobiles operate on far more customized systems, and malware must be tailored-made to suit it, unlike a PC where the scope of attack is far wider.
The bad news for smartphone users, which is practically all of us, is trends don’t look good.
Whilst we are largely avoiding the next smartphone attack, the laws of economics will win out, and attackers will seek out better more advanced ways to penetrate phone security as more and more people own and depend on smartphones.
The good news is that by creating better cyber awareness around smartphone vulnerabilities, we put ourselves in a much better position to defend ourselves.
What is Mobile Malware?
Well, it’s malware, however there are many varying types such as:
Mobile spyware: This malicious software works its way into programs and covertly monitors your activity, harvests your data and records your info including passwords.
Rooting malware: These bugs gain ‘root’ access to mobile devices. They grant hackers administrative privileges and access to user files. Some rooting malware can embed in system folders, making a factory reset irrelevant.
Banking Trojans: In 2017, mobile banking Trojans attacked over quarter of a million users in 164 different countries. Attackers pretending to be a legitimate banking app convince users to download the app and then steal banking details.
SMS malware: This mobile malware gets your phone to send premium- rate text messages, charging up huge bills.
How Phones Get Infected
The most popular and obvious way is through a malicious app download. Although hackers frequently use a mobile version of spear-phishing techniques, akin to phishing emails, just through sms.
If you click a link on a fraudulent email or text, it sends you to a imitation site and automatically downloads malware onto your cell phone.
Then there is exposure. Many cell phone users who want to keep their WIFI on at all times, resort to connecting to public hotspots. As public WIFI is usually unencrypted, attackers can capture the data stream. These "man-in-the-middle attacks," enable intruders to monitor all data carried over the compromised network.
Tips for Securing Your Cell.
- Be wary of public WIFI
Do not access sensitive data through public WiFi, such as online banking or private work emails, as a "man-in-the-middle" attack may be used to take control of your mobile. Use a 3G or 4G, or a VPN.
- Only download applications from official stores
Shrewd hackers can crack through the security practices of the Apple store and Google Play Protect, but your chances of downloading a malicious app are far lower if you stay with official app stores.
- Update your operating system
Aside from running at half the speed, outdated phones are a real target for cybercriminals, make sure yours isn’t.
Hackers use known vulnerabilities in an operating system, that haven’t been patched, so keep on updating, even if it is frustrating.
Install updates as a new version is released, to minimize risk.
- Encrypt it
Encrypting a phone scrambles files so that only you have access. It means you will have to use a pin/passcode to decrypt your phone each time you use it, why is irritating but much safer.
- Review access permissions
In some cases, it may be useful to allow an app to access your location, such as a transport or weather app. But does the app need to know your location even when you're not using it? Review your app permissions in your privacy settings, and disable any consents that are unnecessary is worth the effort.