- use Facebook, Gmail, Yahoo or Dropbox mobile apps?
- ever applied for a job via an employment online portals?
- buy products online or search information about them via your mobile smartphone?
- check your work e-mail from your mobile device?
- make reservations for your holiday using you mobile phone?
- send multi media messages (MMS) via phone?
- use various Wi-Fi mobile connections daily?
If you answered positive at least one of the above questions, then you should know you are at risk. Moreover, the company you work for may be at risk as well. If you don’t check you mobile activity regularly, you should worry. Because someone else is doing it.
What is a mobile attack?
Words like ransomware, malware, phishihg e-mails, data breach or cloud leaks can pretty well describe a cybersecurity issue and some of them can tackle mobile devices. It can happen when you least expect it, when checking your e-mail or when you are downloading a song via a platform that requires an e-mail account. Hell, it can even happen when you are checking your Facebook notifications.
There are 9.4 million Facebook users in Romania and 85% of them are accesing it via mobile (Hootsuite report, January 2017)
Mobile security or mobile phone security has become increasingly important in mobile computing. Of particular concern is the security of personal and business information now stored on smartphones.
Why I am interesting for mobile hackers?
Because you are one of the 11.24 million of Romanian internet users and, most likely, if you are reading this article, one of the 9.4 million of social media users in Romania.
Because you have an e-mail address that can be used by others.
Because you are (at least) a potential e-commerce client and you may have some money.
Because you may be interested in going in a holiday that needs an advanced online payment.
Because you are paying your bills online.
Because you are using passwords via internet.
Because you have a job and sometimes it is easier or mandatory to check your e-mail via phone. Then you are possible giving the cyber criminals important information about the company you work for. By the way, do you see yourself working without an internet connection nowadays?
Because you own a company whose employees have mobiles and use them on the daily job.
Because you are using mobile data, but also various Wi-Fi internet connections.
A smartphone user is exposed to various threats when they use their phone. These threats can disrupt the operation of the smartphone, and transmit or modify user data. So applications must guarantee privacy and integrity of the information they handle. In addition, since some apps could themselves be malware, their functionality and activities should be limited (for example, restricting the apps from accessing location information via GPS, blocking access to the user’s address book, preventing the transmission of data on the network, sending SMS messages that are billed to the user etc).
Out of 8 million mobile users in Romania (+1 million since 2016), 53% are using a smartphone.
3 types of attacks when using a smartphone
- Data: smartphones are devices for data management, and may contain sensitive data like credit card numbers, authentication information, private information, activity logs (calendar, call logs). It can happen you you are buying stuff online or when you are paying your bill or when you are paying you holiday in advance or just a plane ticket for your business trip. E-commerce penetration in Romania (number of purchasers vs. total population) is at 22% and rising, according to a Hootsuite report released in January 2017.
- Identity: smartphones are highly customizable, so the device or its contents can easily be associated with a specific person. For example, every mobile device can transmit information related to the owner of the mobile (phone contract) and an attacker may want to steal the identity of the owner of a smartphone to commit other offenses.
- Availability: attacking a smartphone can limit access to it and deprive the owner of its use.
Cyber criminals do follow the money trail
You may think this is a joke and it can never happen to you. True fact, others believed that too.
According to Cisco Annual Security Report for 2017, 44% of alerts are NEVER investigated and 54% of legitimate alerts are not fixed. Moreover, 80% of breaches last more than 1h.
You may say this is not such a long time, but for a big company one single hour means an important loss of money or other benefits:
- 22% lost customers;
- 23% lost opportunities;
- 29% lost revenue.
Social media is rising, social commerce shows new promises, dark social is fast moving, organisations are increasingly investing in online reach and customer influence, more than half of world population is now online, what do you think this means for cyber criminals? Nothing but a great challenge, a perfect environment to dig in and a high interest on cyber criminals’ agenda. Learn more on mobile security and cybersecurity overall today and protect yourself.