Criminals are taking advantage of an ongoing global crisis to scam a distracted public where they are most vulnerable – their mobile devices. So expect incidents of crippling mobile fraud and lots of it because as the reliance on mobile grows, so do the operation techniques to drain money, data and other digital assets.
It’s quite easy for criminals to target mobile users because of the low barriers to entry. To combat it, companies need to double their anti-fraud efforts to include mobile security otherwise, they run the risk of an attack across every service they offer. And the more mobile access a service provides, the more it is open to vulnerabilities. Stay ahead of an attack by knowing the top mobile security threats to look out for:
IMPORTANT NOTE – UDTSecure Cyber Alert details cyber security risks and how to mitigate them as the threat of a massive global cyber attack looms in Russia’s invasion of Ukraine in this related article.
1. Malicious Mobile Apps
Malware has always been a major cyber threat, but with the unbeatable convenience of mobile, cybercriminals are increasingly targeting mobile apps. Last year, nearly half of companies (46%) experienced a security incident in which an employee downloaded a malicious mobile application. Some of the most common forms of mobile malware include:
- Banking Trojans
- Mobile Remote Access Trojans (MRATS)
- Malware Droppers
- Premium Dialers
- Clickers
2. Attacks On Legitimate Apps
Besides malicious mobile applications, organizations also face cybersecurity threats from legitimate mobile apps. When Facebook, Instagram, and WhatsApp went down for almost 7 hours in late 2021, businesses lost hundreds of millions in revenue. The outage has proven that even global conglomerates are vulnerable to attacks. It maybe wise to reconsider the over-reliance on these apps to connect with potential and existing customers.
3. Mobile Hardware Limitations
Many workplaces adopt a ‘bring your own device’ policy especially with smartphones. But does this pose a risk to the company? The mobile applications running on a mobile device operate under the assumption that the underlying hardware is secure and operational. Even the latest mobile devices contain hardware vulnerabilities which can have a variety of impacts including:
- Denial of Service (DoS) Attacks
- Malware Installation And Persistence
- Mobile Device Management (MDM) Takeover
Below are some key suggestions to keep in mind to secure mobile users in your network:
Encourage a strong password policy. Using shortcuts or having apps automatically remember passwords are common practices for mobile users. Configuring devices to make users input their passwords is one way to ensure that unauthorized users will not get access to data.
Educate your team. Some employees may choose to jailbreak their phones or use risky apps. Letting your team know how these actions could potentially impact the security of the device is crucial. Also, let employees know if there are specific company policies when it comes to their devices to empower them to use their devices wisely.
Set up remote management. If you’ve ever lost your device or had it stolen, you know how critical it is to keep your data secure. Through remote management, IT teams can lock a device down to protect the sensitive data that is on it.
4. Malicious Cross-Border Transactions
Fraudulent cross-border e-commerce transactions spiked during the Covid lockdown of 2021. More than 60% of U.S. and U.K. businesses reported issues, costing over $32 billion in fraudulent transactions in the last few years. As the public comes out of lockdown, businesses need to pay close attention to a resurgence of malicious activity and secure their platforms. Purchase of goods from fake accounts as well as breaking into dormant accounts to drain stored value, will proliferate.
5. Identity Theft
Breaches in 2021 surpassed those in 2020 by almost 20%. As a result, incidents of identity theft will continue to surge even higher in the coming months. This time, it’s not just the number of Account Takeovers (ATOs) that’s going to increase – it’s also the level of technical capability. Advances in deep-fake technology have led to more effective social engineering scams. Cybercriminals are also using A.I. and machine learning to engineer attacks. They are often malicious bots mimicking user login behavior and attempting thousands of user login attempts in seconds.
How To Protect Against Mobile Threats
In the past, mobile devices were not part of the enterprise security strategy. With limited mobile device usage, employees mobile device security took a back seat when it came to endpoint security concerns. As remote and hybrid work becomes more common, companies need mobile security solutions that can address the mobile security threats of now and in the future.
Mobile Device Management
Through Enterprise Mobility + Security, these different devices can be easily managed from one location. If a new employee comes on board, their company-issued and personal devices can be given access to company applications. These applications also ensure that data isn’t transferred from the application to a device. Should an employee leave a company, the data can be wiped remotely as well.
Through the single device management system, both company-issued and personal devices can be managed remotely. Apart from this management system, EM+S also provides single sign-on access, multi-factor authentication, and multiple application management. This suite of products ensures that employees can safely access the data they need to be efficient, no matter where they are or which device they are using.
Are you interested in having EM+S set up at your company, or have other questions? UDT can provide a seamless transition to EM+S, and answer any questions you may have along the way. For a low monthly rate per user, EM+S is an accessible option for most companies.