The good news: Your mobile devices are actually pretty secure, especially compared to computers.
The bad news: Your mobile devices are at risk of malware and other security threats—and those risks are on the rise. According to Verizon's Mobile Threat Index 2018, 64% of organizations reporting have seen an increase in mobile threats over the last year.
"Data breaches on mobile devices may not be common today, but there is growing evidence that hackers are taking steps to target mobile devices with more dangerous malware designed to steal text messages, photos, and call recordings," according to Verizon's Data Breach Investigation Report.
5 Ways Malware Targets Your Mobile Devices
Verizon's Data Breach report noted five types of malware that commonly target mobile devices:
- Trojans: Malicious applications that are disguised as legitimate apps; on laptops and netbooks, trojans open up a "back door" that allows hackers an entryway into your system. (Read more: Fake banking apps are tricking consumers.)
- Spyware: When downloaded, the software stealthily gathers information about you and your device for a third party.
- Riskware: Applications with special code meant to decrease the functionality of your device's security protocols.
- Chargeware: A valid-looking app that actually charges for different services without user knowledge.
- Adware: Those annoying advertisements that pop up and seem impossible to get rid of. Sometimes they are just a nuisance, but some include spyware.
All malware is not created equal, of course. A trojan embedded into an app is more dangerous than a series of pop-up ads. What they all have in common is the ability to capture data from your device without your knowledge or permission and share it with a third party.
Mobile Devices: Still Safer Than Humans
While all of this malware seems pretty scary, smartphones and tablets do offer features like auto-locking, password and biometrics to access data, encryption, and VPN options. However, these features require the user to take action such as setting up a passcode, installing a VPN app, or using the auto-lock option.
"If you don't use your security options, you're at risk," says Michael Bruemmer, Vice President of Experian Data Breach Resolution.
Notably, over 90% of respondents to the Verizon Mobile Threat survey said that mobile devices present a serious and growing security threat, but "many were failing to take basic precautions": Only 39% said they change all default passwords and over half didn't have a public Wi-Fi policy.
Even with the security functions turned on, your device can only do so much to protect your data. Identity thieves and other criminals know there is a lot of money to be made if they can steal that information because they can sell it on the dark web. If you let your guard down for just a moment, that could be all it takes for them to be able to swoop in and compromise your machine.
In other words, the onus is on you, the user, to take a couple of extra security steps.
How to Protect Your Mobile Devices From Malware
While most of us may not understand exactly how malware works or how hackers are able to get access through WiFi (since they're constantly finding new ways to get our personal information), we can prevent issues by:
- Know the security features on your device, and use them. Set your device to lock automatically after one or two minutes of inactivity; activate biometric controls; turn on built-in anti-theft apps, and use privacy controls.
- Keep a close eye on your devices. Don't leave your phone sitting on a table or bar when you walk away and check before leaving security checkpoints when traveling to make sure your phone and tablet are in your bag.
- Update and patch software before you leave home.
- Log out of apps and websites you aren't using.
- Make sure your device has security software and the ability to wipe if the device goes missing (e.g. "Find My iPhone" is an app that iPhone users can use to locate their device if it's lost and wipe it remotely, if necessary).
- Check your social media apps to ensure you are leveraging the privacy and security settings available on Facebook, Twitter, Instagram, LinkedIn, and others.
- Don't click links from emails and text messages unless you're sure they're legit. Phishing and smishing are growing issues and are ways for hackers to get you to download something or divert you to a fake site.
Hackers know your mobile devices carry a lot of important and sensitive information. They want every tidbit they can steal. Your job is to make sure security is priority one. Learn more about who is behind most data breaches and how they happen here.