What Are the Biggest Security Threats Facing Mobile Phones

Mobile phones have now surpassed computers when it comes to the devices most connected to a company network.

Approximately 80% of work is now performed on mobile devices and they make up 60% of the average company’s endpoints.

But unfortunately, mobile security is often lagging behind a company’s computer device security. Businesses often find it more difficult to keep up with these devices, especially if they’re employee owned.

43% of businesses admit that they don’t pay enough attention to mobile device security.

Cloud solutions are a big reason that mobile devices have ended up taking on so much of the workload. They’re just easier to use for certain functions, like checking email, and their anywhere flexibility means they’re a “computer” that’s nearly always with the user.

Hackers have taken notice, targeting mobile devices increasingly with attacks. This is why mobile device security needs to be at the top of every company’s cybersecurity priority list.

Why You Need to Pay Attention to Mobile Device Security

Following are some of the biggest threats facing mobile devices that could cause your business to suffer a data breach or malware infection.

Data Leakages from Apps that “Overshare”

Mobile apps, including business apps, are notorious for oversharing of data with the app maker. Users often just click past the permissions when getting the app set up, but don’t realize how much reach they’re allowing that app.

Many apps ask to access contacts and photos. They also collect certain device information and location data, with some even collecting keystroke patterns and file names of files on a device.

Once that information is sent to the app vendor, it doesn’t usually stay with them. They share it with advertisers, their own vendors, and others, which means that shared data is completely unprotected.

Unsecure & Public Wi-Fi

A mobile device can connect automatically to several different public Wi-Fi networks a week as users are traveling between work, home, shopping, etc.

Hackers will often perpetrate what’s known as a “man in the middle” attack, where they hack into a public Wi-Fi network and from there, intercept data transmissions from other users on the same network.

If someone is logging into their Office 365 account or sending sensitive company email, those details can easily be intercepted if the user isn’t using a secure method of connection, such as a VPN.

Malicious Apps that Hide Themselves

Malware is often planted inside seemingly innocent mobile apps. Users will often be completely unaware they’ve downloaded malware because the app does what it says while secretly injecting devices with adware or spyware.

A new alarming trend is the ability of malicious apps to hide themselves after they’ve been installed to make it harder for the user to remove them.

There was a 30% increase in hidden apps in 2019, making it the most active mobile threat category, according to McAfee.

What the apps do is change their icon to a common system icon (like Settings), making it difficult for a user to identify the app.

Social Phishing

Mobile devices are often used to access social media accounts, and one of the most popular is Facebook and Facebook Messenger.

Social engineering attacks are often used in these types of apps to get users to click malicious links. It’s not always easy for a mobile device user to check the link by hovering it over it before clicking like they may do on their computer.

Mobile links tend to use the “tiny URL” system where links are shortened and use unrecognizable domains. This makes it easy for a phishing scammer to send a link to a dangerous website without it being recognized as malicious.

Poor Device Security

70 million smartphones are lost or stolen every year and 93% of them are never recovered.

If employees and companies don’t practice good device security, that means a thief could easily access a stolen mobile device and all the company accounts that its logged into.

Safeguards like screen locks and the ability to remotely lock or wipe a device are vital to ensuring data is secure once a device has been stolen or lost.

Non-Updated Devices

Mobile device operating systems and applications can have the same types of vulnerabilities as those on computers. But often users don’t keep their devices regularly updated.

This can lead to data breaches and ransomware infections that are able to jump from a smartphone to other devices on the network to infect your entire system.

One way to keep mobile devices updated and managed automatically is through the use of a mobile device manager, such as Microsoft Intune, which comes with the Microsoft 365 Business Premium plan.

Are Your Mobile Devices Properly Protected?

Neuron Computers can help your San Fernando Valley business put a strong mobile device security plan in place whether it uses company-issued or employee owned devices.

Contact us today to review your mobile security options. Call 1-833-4-NEURON or reach us online.