Cyberattacks on cell phones: how to protect yourself?
Mobile phones are exposed to the same risks as computers. This is how to protect them.
Mobile: what are the risks?
According to the “Digital 2020” study by We Are Social and Hootsuite, more than 5.19 billion people worldwide use a cell phone, increasing 124 million (2.4%) since last year.
According to GlobalWebIndex, more than half (50.1%) of time spent on the Internet is spent on mobile devices.
These uses do involve risks, which are the same as for computers, except for one nuance. Whether they browse the web via their personal or professional smartphone, users feel less targeted by attacks than when they use a computer.
This sense of security is even greater for iPhone users, whose operating system remains less vulnerable – but not necessarily immune – to cyberattacks. However, there are many vectors of infection, and hackers have the same goals on cell phones. At the top of the list: data theft, the generation of false clicks on advertisements, and ransom demands.
Smartphones: what are the most common attack vectors?
Malicious applications are fake ones, well enough made to pass as real. Their goal: to damage and destroy an information system, to steal, modify or delete data, but also to display advertisements. They are often added to the code of mobile applications and are triggered once the app is downloaded and activated. They are essentially used as a gateway for hackers to steal personal data.
Phishing and SMishing
Phishing is a relatively simple hacking technique: it involves inciting a user to communicate his data via a screen site or a fraudulent email.
Smishing is the SMS version of phishing. Unlike attacks coming from web browsing, SMS is specific to the mobile, and users are often less vigilant.
This type of cyberattack occurs when a user connects to a public Wi-Fi network, for example, from an airport, restaurant, or hotel, and their communications are intercepted without their knowledge. The risk is that a hacker may steal their data.
Focus: system vulnerabilities
Regularly “patched” via updates, vulnerabilities in a mobile operating system remain a significant risk factor. Although they are not detected or are hardly detected at all, they are exploited by hackers and intelligence services. These are known as zero-day vulnerabilities.
Moreover, even when OS editors and terminal manufacturers have provided a security patch, installing the update itself requires an action on the user’s part, which is not always carried out.
How to secure mobiles?
To make your mobile more secure, antivirus, and software solutions sold on the market represent the first barrier to threats but are not always enough. They must also be complemented by raising awareness among those most concerned: the users themselves. Here are some good reflexes to adopt:
- choose a complex password
- perform all updates required by the operating system or downloaded applications
- do not download applications outside the official app stores
- block unsafe and unknown sources (often the default setting)
- avoid public Wi-Fi and block automatic connections to such networks
- use a VPN
- never communicate your data by email or SMS, even to official authorities, simply because they never ask for it (you will be facing a hacker)
- control the permissions of all your applications and disable options that are too intrusive and unnecessary to the app’s operation
- encrypt your data, making it unreadable in case of theft (function available in the “Security” tab of most devices)
To discover our mobile threats management offers, contact us!