Image courtesy: 123RF.com
The frenetic pace set by smartphone manufacturers to launch new devices could be leading them to ignore the issue of security threats to these hand-held devices. A report by Kaspersky had shown that such threats have risen steadily since 2010 with as many as 3.5 million of them getting detected across a million devices.
Over the next two to three years, this number grew to a point where the security firm said they were processing a whopping 360,000 malicious files a day with 78% of them being malware programs residing on smartphones. The company had listed out specific threats that all users of smartphones could be facing over the next few years. Here’s what we can to to curb them:
- Data leakage is as old as data itself. With smartphones expanding their memories and extendable memories on top of it, users tend to store lots of data on their phones. Most cases of data leaks are unintentional, especially riskware apps that seek permissions at a broad level and then share it with advertisers. To stay safe, users should provide permissions only to the level that they can carry out necessary functions. Android and iOS have added protocols that makes you aware of the levels of permissions.
- Unsecured WIFI connections are another challenge. Waiting at the airport, one cannot resist connecting to a network that is unsecured. It is known that once you get on to the networks, even juvenile hackers would be able to break into their social media, payment apps etc. To stay safe, users need to just stay away from such connections, not worrying about some extra cellular data being used up while awaiting their flight.
- Network spoofing happens when hackers set up fake access points, which means that those falling prey to the lure of free WIFI networks are likely to be victims here. Locations such as coffee shops, libraries etc. are easy to rig with cybercriminals often asking users to create an account to access these services. To stay safe, users should refrain from giving their regular use email and passwords.
- Phishing attacks are easier on smartphones as they’re always in power-on mode. Given that users regularly monitor emails, chats, social platforms etc. they are susceptible due to the fact that data displayed is less compared to bigger screens. This makes them click on <more> links as they delve deeper. To stay safe, users must refrain from clicking on any unfamiliar email links on their smartphones.
- Spyware could create worse troubles for smartphone users than malware, because it is usually the work of someone within their ecosystems. Could be spouses, co-workers or even employees who want to track your whereabouts. Here is what stalkerware can do and how you need to tackle it. To stay safe, users should compulsorily load antivirus and malware detection suites on their phones.
- Broken cryptography happens when app developers use weak encryption algorithms. In such cases attackers can expose vulnerabilities left by the developers for want of time or negligence. Poor encryption is what leads to cracked passwords though criminals could also use back door entry such as modifying app functions like text messaging in order to gain control of a phone. To stay safe, there is nothing much a user can do other than limit use of apps that share data and their encryption levels are dubious.
- Improper session handling is what happens when mobile apps use tokens to ensure easy mobile device transactions. Tokens are used by apps to identify and validate other devices. While secure apps generate new tokens each time a session starts, others may end up sharing session tokens. This makes the transaction vulnerable to malicious actors who then impersonate legitimate users. To stay safe, users should always end sessions, be it accessing your office intranet or even your email.
- Text Phishing incidents are now getting more regular as criminals seek to trick people into downloading malware by clicking on suspicious links. To stay safe, avoid all such text messages that you get via SMS or WhatsApp, even from known brands.
Of course, these are only solutions to existing challenges. What tomorrow brings could be something more vicious just as Covid-19 is proving to the entire humanity.