4 Most Frequent Mobile Device Attacks & How to Protect Against Them
Mobile devices now conduct a majority of the online searches and account for about 60% of all the endpoints in a typical company.
Smartphones and tablets have become a “go-to” for quick and easy access to both personal and business computing. Business apps make work accessible from mobile devices, and as tablet and phone screen options have gotten larger, it’s become easier to do more via these highly portable devices.
But mobile devices are low-hanging fruit to hackers. They are typically less protected than computers and are often connected to public Wi-Fi. It’s important to know the security risks of your mobile devices, so you can work to mitigate those and improve device and data security.
Here are some of the most common mobile device attacks.
1. Phishing via SMS (Smishing)
Phishing via text message is becoming more prevalent as text messaging replaces email. How many texts do you get from retailers and service providers now for things like appointment reminders, shipment tracking, and sale alerts?
Another type of SMS you’ll be receiving more frequently will be smishing. In 2020, smishing attacks rose 328%. This is one of the most dangerous phishing trends to be aware of because many people are simply not yet expecting the text message they receive to be fake.
However, it’s easier than ever for scammers to get a hold of lists of mobile phone numbers. Just think about how many robocalls you receive in a given month. All those number lists floating out there on the Dark Web are being leveraged by large criminal groups to send phishing via text.
How to fight this attack:
- Be aware that you can’t trust all text messages you receive.
- Never send personal details via text message to an unknown number.
- Know that it’s more difficult to do things like checking the legitimacy of links in a text, so it’s best to visit a website directly and not through a link.
2. Mobile Malware
Thousands of apps are rejected from app stores daily because they contain malware. But some do get through and then get downloaded by users and infect their devices.
Legitimate-looking free apps can download and work as usual, but inside contain spyware that is copying everything on the user’s phone. Another dangerous type of mobile malware will hijack a SIM card, access SMS, and other capabilities.
Without proper IT security protections on a mobile device, smartphones and tablets are particularly susceptible to being infected with malware.
How to fight this attack:
- Ensure mobile malware is installed on your device (and all company devices)
- Use DNS filtering to block malicious websites
- Research apps from unknown companies and developers before downloading them
- Keep your devices updated (OS and apps)
3. Public Wi-Fi
Free Wi-Fi can seem great when you’re away from your home or office. It will typically offer a faster connection than many mobile carriers can in certain crowded areas and can save you from using up vital mobile data.
But that public hotspot is also a magnet for hackers that conduct man-in-the-middle attacks. They also connect to the same public Wi-Fi (after all, it’s public & free), and they’ll use special hacking software to spy on the connections of other users.
75% of people admit to connecting to email when on public Wi-Fi. This means that any hacker on that same network could see the details you’re typing in as well as other information.
You always have to assume that someone is looking over your shoulder when on any public Wi-Fi connection.
How to fight this attack:
- Never type in sensitive data (credit card numbers, passwords, etc.) when on a public Wi-Fi
- Use a VPN to encrypt your connection, this keeps a hacker from spying on your activity
- Switch off Wi-Fi and use your mobile carrier connection before entering any sensitive data
4. Malware Infected Public USB Ports
When you’ve just gotten off a plane and are rushing to your next gate, a low battery on your smartphone can completely stress you out. You may approach the gate to your connecting flight, see one of those handy free USB charging ports, and plugin without giving it another thought, grateful for the charge.
But one of the common types of attacks in public places is called “juice jacking.” This is when a cybercriminal places a malware device inside a public USB charging station. Or they may even set up their own fake USB charging station in public areas.
Your USB cable can transmit data as well as electricity, and this means if you plug into one of those infected ports, all the contents of your phone can be copied. Your device could also be infected with malware.
How to fight this attack:
- Charge devices when in public with the plug that connects to an electrical outlet, not the USB port
- Ensure your phone has strong anti-malware installed
- Invest in a “charge only” type of USB charging cable that doesn’t allow a data connection
- Bring your own phone charging battery with you when traveling
How Secure Are the Phones Connecting to Your Business Data?
GEEK911 can help your Silicon Valley area business with a solid mobile device security strategy to ensure your data and devices are properly protected from mobile threats.
Schedule a consultation by calling 1-866-433-5411 or reach us online.