Your security setup is only as good as your weakest link and with more and more people working remotely, those weak links tend to be mobile devices. Keeping them secure can go a long way to making your cyber security watertight. But, half of the battle is knowing what to look out for – here we outline 4 major threats to your mobile devices in 2023, and what you can do to prevent them.
Mobile Adware
Mobile Adware, or MadWare as it’s sometimes known, is a script that’s been installed on your phone without your knowledge. Its purpose is to collect your data to better target you with ads, which on the face of it isn’t too sinister. However, it often has spyware and malware bundled in with it, meaning that you could be exposing your personal information and your organisation’s data to third parties, cybercriminals, or both.
While ads may not be that much of a concern, the fact that these types of programme also gather data on your location, internet usage, and even your contacts is. This creates a problem not only for you but possibly for everyone in your contacts list. Moreover, if you connect to a company network, there’s a reasonable chance that malware and spyware will make it onto that too.
Viruses & Trojan horses
Viruses and Trojan horses can also infiltrate your mobile devices. They are usually bundled with what appear to be legitimate apps and programmes. They typically take control of your mobile device and mine the data it contains or has access to, such as your banking information, email or other sensitive files. This is particularly concerning if you or your team interact with a lot of sensitive information over your mobile devices. In an ideal world, you should only use work phones for work-related procedures and tasks, and limit the types of apps and programmes that can be installed on them.
Browser exploitation
Browsing the internet, while harder to monitor, should also be strictly work-related and ideally performed over a secure network. It’s become increasingly common for attackers to target flaws in browser security, specifically through apps that interact with them, such as a PDF reader. If your mobile browser’s homepage or search page changes unexpectedly, it could be a sign that you’ve been the victim of browser exploitation.
Similarly, something known as address bar spoofing has become increasingly prevalent. This technique sees the legitimate URL on a browser address bar replaced with a rogue one, leading to potential data or financial theft. It’s quite hard to detect, and it was targeted at browsers on the most common device types. Patches to the device’s operating system tend to mitigate the risk of address bar spoofing, so it’s vitally important that all devices are updated as often as required.
Phishing apps and greyware
Phishing apps are a fresh take on an old problem. Previously, criminals would send emails that appeared to come from a reliable source, asking for personal information like your password, in the hopes that you’d be trusting enough to respond.
Phishing apps are designed to look like legitimate apps, but secretly collect the information you enter, including passwords, account numbers, and other sensitive information. Grayware apps, meanwhile, aren’t entirely malicious, but they can be inconvenient because they frequently expose users to privacy risks. Common examples of greyware are location trackers, browsing monitors, and programs that serve unwanted pop-up ads. While not as dangerous as other malicious software, greyware often leads to system vulnerabilities that create opportunities for cyber attacks.
Worried your devices might not be as secure as they should be? Give us a visit at Nutbourne.com