Back in 2014, the GSMA established that the world contained as many mobile devices as human beings. Mobile phones are ubiquitous. Most of us take them everywhere we go; we use them at work and play. The trouble is, this little packet of goodness is connected to everything else via the Internet and apps. This mix of used by everyone coupled with being open to the world attracts cybercriminals like bees to honey.
RSA, in their “Current State of Cybercrime 2018” report, found that mobile threats are abundant. In fact, over 60% of online fraud is via mobile platforms according to their survey. And the route into the fraud – 80% of mobile fraud is via mobile app and not mobile web browsers. Just as an example of the scope of the threat, Google had to recently remove over 200 apps from the Google Play Store that were infected with one particular type of malware (Simbad). This is just the tip of the iceberg.
Type of Mobile Security Threats
Like any other cybersecurity threat, the starting place to preventing a threat becoming a security incident is to know what you are up against. One of the worrying trends in all malware, including mobile malware, is that the underlying program is becoming more ‘intelligent’. That is, the code can morph how it works, even hide from detection by antivirus tools. So, it is hard to keep up to date with specific malware types as they are likely to change. Security awareness training programs are designed to keep people up to date with this ever-changing security landscape. However, you can also see general ways that cybercriminals operate and focus on those. This can help you to mitigate the chances of becoming a victim of cybercrime via a mobile device.
Some of the more prevalent mobile threats include:
Symantec found that mobile ransomware increased by 33% in 2018. Ransomware that affects a mobile device is similar to its desktop counterpart – it performs a malicious action, like locking the mobile device and/or stealing data. Like the desktop version, you will see a screen message telling you to pay up to unlock your phone and get your data back.
Apps are behind many mobile ransomware attacks. If you download and install an infected app from a store your phone will become infected with the ransomware.
Ransomware doesn’t just affect Android phones; iPhones are susceptible too. There was even a recent fake ransomware attack in the UK that affected iPhone users. The victims of the fake mobile ransomware saw a screen demanding payment in the form of a £100 iTunes Gift card. It turned out the phone wasn’t infected with ransomware, but the phone owner would have to know how to remove the threat to get back into their phone, all the same.
Mobile Banking Trojans
Trojanised apps are downloaded from both legitimate and illegitimate app stores. Sometimes they are also hidden in games. They present a convincing fake bank app interface when you go to use your mobile banking app. You think you’re logging into your bank, when, in fact, you are logging into a fake site. Banking trojans can also connect your mobile to a remote server which contains various bank spoofs. When you launch your legitimate banking app, this server recognises which banking app you are using and presents the spoof app interface to you. Once you enter your bank credentials, they are sent, via the cybercriminal in control, to the real bank login page and hey presto, the cybercriminal is in your bank account. There are many variants on the theme of stealing bank login credentials, so it is wise to keep on top of this security threat. Mobile banking trojans increased by 58% in Q1 2019.
Mobile apps aren’t the only way malicious activity occurs on a mobile device. Mobile phones have their own version of the phishing email in the form of text phishing or ‘SMSishing’. Some malware, like TimpDoor, will try to enter the mobile device via a text message. In the case of TimpDoor, the user will receive a link in a text message; if they click on it, they see a webpage or a message to download a voicemail. If they do so, a backdoor is created using malicious code. This backdoor allows the cybercriminal to enter the corporate or home network via the phone, infecting the network or exfiltrating data. The Defence Works wrote recently about a Natwest SMiShing scam that used text based phishing links to steal bank login credentials.
7 Tips to Mobile Security
We love our mobile phones. But, instead of throwing them away to avoid becoming a victim of banking trojans, ransomware or any other malicious program, we can take these precautions:
- Keep your mobile operating system and other apps updated.
- Be careful where you download apps from, and which apps to use – be ‘app-choosy’.
- Watch out for fake apps. If you get an invite for an app, check out the app before you download. Go online, research it. Does it look legitimate? Check for spelling and grammatical errors in the app descriptions.
- Don’t click on the links for mobile app downloads in social posts or reviews. Always go to a company website directly, or carefully choose from a legitimate app store.
- Use a security app to protect your device and data.
- Backup your data frequently
- Stay aware of mobile security issues and new mobile malware threats