Cybercrooks are increasingly capitalising on the mass adoption of mobile devices by exploiting smartphone users at home or at work. The top threats for a smart phone include:
Data loss: This is the biggest threat to mobile devices, when hackers extract sensitive information from devices or networks through mobile devices.
Social engineering attacks: This tricks users into disclosing personal information or installing malware by replicating everyday ‘social’ applications.
Malware: Traditional computer viruses, computer worms and Trojan horse programmes, adapted for the mobile device.
Data integrity threats: These are attempts to corrupt or modify data to disrupt operations for financial gain.
Resource Abuse: These are attempts to misuse network, device or identity resources.
Web and network-based attacks: These are launched by malicious websites or compromised legitimate sites and exploit a device’s browser.
Mobile devices connect to an entire ecosystem of supporting services and the smartphone synchronises with at least one service that is outside the user’s control. At the same time, many users also directly synchronise workplace mobile devices with home computers. In both scenarios, key assets may be stored in any number of insecure locations outside the direct view of the user and the business for which they work,” says Tamim Taufiq, Head of Consumer Sales in the MENA region for internet security experts, Symantec.
“Norton by Symantec has already witnessed multiple attacks that exploited weaknesses inherent to the Android platform. We have also seen attempts to evade Apple’s strong security with criminals employing socially engineered attacks, such as phishing, to trick people into disclosing sensitive information,” says Taufiq.
This latest data reveals just how effective mobile platforms can be for targeting victims, adds Taufiq: “While sneak attacks through poisoned apps and hidden malware may be obvious to the trained eye, new and unfamiliar users in particular are at high risk as cybercriminals find new ways to replicate legitimate applications.”