Site icon EP Wired – Executive Protection Magazine

Mobile Security: Threats and How to Avoid Them

Mobile security

Mobile security is fast becoming a top priority for companies today. And for good reason, since pretty much every company employee now daily accesses corporate data from their smartphone. However, keeping important data out of the wrong hands is proving more and more complicated every day.

This, in turn, is a huge problem because, financially speaking, the stakes have never been higher. A corporate data breach today reportedly costs approximately USD 3.8 million dollars – with figures projected to rise annually.

Most people associate mobile security with practices such as SMS spoofing, toll fraud and malware threats. Funny enough, mobile malware infections – the first and foremost of threats in public opinion, are a pretty uncommon occurrence nowadays. Most devices have inbuilt factory protections from this type of threat.

Realistically, the greatest mobile security dangers lurk where most people do not expect them.

Cybercrime and Mobile Devices

Perhaps one of biggest contributors to the increasing risk of mobile security threats comes from our consumer culture. Namely, the desire to be early-adopters of new tech outpaced our ability to secure our mobile lives. And who’s lives – professional and personal, are not today on their phones?

Because of this mobile devices are at the very frontline in the battle against cybercrime. They are the weak link in security that criminals can exploit to their profit – 60% of all cyber security breaches happen through mobile devices.

Some of the biggest and most common mobile security threats include:

Data Leakage

Basically all of the major concerns concerning mobile security, from data loss and theft to malicious applications, are sources of data leakage.

In 2019, data leakage was considered the biggest problem to mobile security. And while the chances of us getting infected by malware are relatively small, the odds of us experiencing a data breach over the next two years are almost one in three – which is to say, close to 30%.

The most troubling fact here is that there doesn’t have to be a third-party attack for a data breach to occur. In fact, they usually happen because people make bad decisions in terms of which apps have insight into their data or are used for transfers.

Advertising Frauds

Like in most cases, we just need to follow the money and it will bring us what we are looking for. According to reports, the global mobile advertising market reached a value of USD 66.6 Billion in 2019 – and is expected to reach USD 266 billion by 2025.

It should come as no surprise that cybercriminals find sector so attractive, coming up with new ways to syphon cash from mobile ad revenue streams. According to estimates, the damages caused by these activities will reach USD 100 billion by 2023.

Advertising frauds take many a guise – the most common are associated with using malware to generate clicks on ads, making them seem to come from legal sources. And since advertisers are commonly paid by the number of clicks they generate, this allows mobile ad fraudsters to steal money from corporate advertising budgets.

Social Engineering

An oldie but goldie in terms of the tricks up a cybercriminal’s sleeve, and it works just as well on our mobile devices as it did desktops. Ironically, social engineering cons are something that you can avoid easily, while at the same time being devilishly effective.

Statistics show that more than 90 percent of all cybercrime begins with an email. Such incidents are called malware less attacks. They include a criminal impersonating someone else to force their victims to click on dangerous link or obtain sensitive info.

Mobile users are particularly vulnerable to these techniques since most email clients only display the sender’s name on the device. Because of that, users are much likelier to respond to the phishing attack, thinking that the email comes from a legitimate source.

Wi-Fi interference

Public Wi-Fi networks are a lot less safe than most people assume. In turn, the security of the network that transmits data directly influences our mobile device’s security.

We are approximately three times as likely to use a Wi-Fi network as we are to use cellular data. Around 25 percent of devices connect to open and potentially unsafe Wi-Fi networks.

If you are experiencing any of the following symptoms, there is a good chance that Wi-Fi interference is in play:

Physical Mobile Breaches

Markedly less sophisticated than those involving high-tech solutions, this is still a very realistic threat. Losing or leaving your device in the open is a major mobile security risk. This is especially true when considering the lax approach employed by many when it comes to the protection protocols on their phones.

Studies show that approximately 30 percent of people have no security measures in place on their corporate mobile devices. It gets even worse. A staggering 50 percent of the people included in the research said that they have neither a password, PIN nor biometric security measures on their devices.

And still it gets worse – almost 70 percent of people use the same passwords on their work and personal devices.

The Take-Away

Mobile security ranks very high on the list of concerns for most companies. That means that keeping sensitive information safe is an increasingly complex job.  And the stakes are pretty high for companies that do not take mobile security seriously.

While passwords and pin codes are possibly not the best way to secure data, that is no reason to use pin codes like “1234” or passwords like “password”.

The message companies should take home is that you should not leave this huge responsibility in the hands of your employees. Don’t assume that nothing will happen, that your employees are too smart to fall for phishing scams.

Just because nobody in your company replied to that Nigerian Prince’s email, doesn’t mean you are out of the woods. Plan ahead, implement correct practices, create policies and keep your mobile devices safe.

Exit mobile version