New Threats For Mobile Security
The advent of new and advanced mobile technologies is helping people from different fields of life to manage their affairs with unprecedented convenience. From the office, home, on the road and even from the hotel room in another country- you can easily login to your voicemail at work, view your bank account balance, check your credit card balance, shop new clothes, book travel tickets and lots more in seconds. State-of-the-art digital surveillance software and tools have even made it possible for you to keep your family safe and your business interests protected right from the convenience of your room. Unfortunately, this great level of convenience has brought with it a number of security risks as people are increasingly relying on mobile phones and filling them up with personal data like bank logins, credit card details, user name & passwords.
Security attacks that proved successful on the personal computers are now being tested on unwitting smartphone devices to see what works. With the number of mobile devices (mainly smartphones) with poor protection, there are a plenty of easy targets. According to Lior Kohavi, CTO at CYREN; attackers always strive to search after the weakest point in the chain, and then honing in on the most successful scams.
According to CYREN’s Security Report for 2013, android operating system of Google averaged 5,768 malware attacks daily over a six-month period. As per Q1 2014 Mobile Threat Report by security firm F-Secure Corp, today more than 99 percent of new mobile malware is designed to target Android operating system. Furthermore, the number of documented vulnerabilities for iOS Apple iPhone and iPads has increased to 82 percent in 2013, according to a Symantec report. With all these in mind, here are 4 threats that are new to your smartphone security:
1. Mobile Ransomware and Phishing
Cyber criminals are using social engineering through SMS text messages and mobile apps just like the PC scams. It takes advantage of ‘human behavior and trust’ to gain access to the important data or infiltrate businesses, to make people click on the links. This trick has been used with instant messaging, email, social networks, and now they are even spoofing SMS text messages. If the smartphone users click on an email message from a mobile app without checking its authenticity, they might be downloading a malware and infect their mobile device. These threats have been around for personal computers for a while, and now it is out there in the wild for Android phones as well.
2. Spyware and Identity Theft
The advancement in spying technologies has presented hackers and snoops with a whole new range of options to gain unsolicited access to target devices and scoop up personal information of users, which may then be sold in the black market to interested third-parties, used to steal money from their bank accounts, or exploited in other criminal ways for social or financial gains. The powerful features offered by some of the contemporary monitoring apps like Mobistealth are capable of shredding the concept of security and privacy into tiny pieces, leaving the door wide open for rogue elements to access the data on mobile phones.
3. Infiltrate Mobile Devices using Infected Device
Infected mobile devices allow hackers to breach organization’s perimeter and directly attack other devices on the network instead of having to break in some other way. If hackers have control of infected mobile devices, they can go the traditional route like stealing their contacts or sending text messages to a premium number. Also, if the infected device is connected to a Wi-Fi network, hackers can attack additional systems on that network from the infected phone.
4. Cross-platform Banking Attacks
Hackers are also using personal computer’s malware to infiltrate mobile phones in hybrid attacks on the banking accounts of users. The spying is all done in the browser memory, therefore, hackers can intercept banking credentials of users before they get encrypted and sent across the wire. Furthermore, hackers also put up a warning message, such as “for enhanced security, download this mobile app,” and they ask for the user’s email address and phone number to send an SMS to their phone or to download a link.
5. Cryptocurrency Mining Attacks
If you are wondering why my mobile device is losing battery power too quickly or why mobile device feels overheated, then you might have Cryptocurrency mining malware on your device. This malware infiltrates smartphone devices in search of the digital currencies, such as Bitcoin, Dogecoin and Litecoin. In many cases, these malwares were injected with the CPU mining code from a legitimate Android cryptocurrency mining app.
In order to save smartphone from all these malwares and threats, organizations are required to perform advance mobile security testing and add smart security features in their apps, for which they can take help from security companies. These security companies use advance tools such as penetration testing to make organization’s website and app more secure and safe.