As more and more small- and medium-sized businesses (SMBs) issue tablets or smartphones to their employees or adopt bring your own device policies, hackers are increasingly attacking mobile devices. In fact, a Check Point Research report found that the number of cyberattacks targeting mobile devices in the first half of 2019 rose by 50% compared to the same period in 2018. To protect your company from such attacks, you need to know about these four mobile security threats.
Mobile Security Threat #1: Malware
There are now malicious software programs, also known as malware, that specifically attack mobile devices, especially those that run on Android. The most popular is the Triada Trojan — regarded as the most widely distributed and sophisticated mobile malware so far. It uses root privileges to control all installed apps, display ads, download harmful apps, and send SMS messages to premium phone numbers. In June 2019, Google reported that Triada came pre-installed on millions of new budget Android devices.
Other types of mobile malware, commonly spyware and adware, are usually injected in legitimate-looking apps. Mobile spyware, also known as stalkerware, is designed to secretly collect your data (e.g., internet usage, contacts, location) and transmit it to third parties. These programs are usually paired with mobile adware — short for advertising software — so they can spam you with more targeted ads.
What you can do
Download apps only from official stores with stringent screening processes, like the Apple App Store and Google Play Store. But before you download any app, make sure to read its reviews since some malware-infected apps have reportedly gotten through these stores. Also, avoid jailbreaking or rooting your phone or tablet, and install a trusted anti-malware app on your mobile devices.
Mobile Security Threat #2: Data Leakage
Data leakage is the unauthorized access to your data, whether accidentally or intentionally. Mobile apps are often to blame for data leaks in mobile devices since many users tend to grant these broad permissions, such as access to their devices’ microphone, location, camera, contacts, and files.
What you can do
Make sure that all the tablets and smartphones your employees use for work are registered under your company’s mobile device management solution. This will help you monitor, manage, and secure their devices. It also ensures that all installed apps only have the necessary permissions they need to function properly.
Mobile Security Threat #3: Unsecured Wi-Fi Connections
To save on cellular data, you may be tempted to connect to free Wi-Fi networks in public places like airports and coffee shops. However, doing so can put you at risk since these public Wi-Fi networks are usually unsecured, which means these can easily be intercepted by hackers or used to deliver malware.
In fact, some public Wi-Fi networks are just fake access points that hackers set up as traps. They give these access points names such as “Free Airport Wi-Fi” to trick users into connecting.
What you can do
Avoid connecting to public Wi-Fi networks. But if it’s the only option, use a robust virtual private network service to secure the connection.
Mobile Security Threat #4: Phishing
While phishing scams are nothing new, users are more likely to fall victim to such scams while working on their mobile devices than on their larger-screened computers. For one, mobile devices have smaller screens, so mobile email apps usually only display the sender’s name, making it easy to trick users into thinking that the message is from someone they know. Also, you usually can’t hover over a link to check its true URL destination using mobile devices.
What’s more, many employees who also work on their mobile devices tend to do so while they’re on the go or multitasking. This makes them more susceptible to clicking on links or downloading attachments.
What you can do
Utilize an email security solution and conduct regular cybersecurity training, especially phishing simulations, for your employees.
With the growing sophistication of cyberattacks, SMBs need to use a strategic approach to cybersecurity — one that may require the help of IT experts. When you partner with Integris, you can rest easy knowing that your data, devices, and systems are always protected. Schedule your FREE consultation to get started. We service companies in Wichita, Denver, Dallas, Bonita Springs, Rochester and Buffalo.
