Mobile Phone Malware

Can your mobile phone be infected with malware? It sure can. You’re holding a small computer in your hand, and it can be susceptible to malicious software just like your laptop or desktop. Nuisanceware can be problematic when it is downloaded with other applications. Spyware can lead to stolen data, and one step up is stalkerware, which is often the most unethical and malicious of the spyware varieties.

How Does My Phone Get Malware?
If you notice that your mobile phone is getting unusual messages, has modified settings that you didn’t adjust, or is not running optimally, it may be infected.

App Downloads
Hackers spread malware via apps and downloads to your devices. An easy way to do that is via an app that you download. While official app stores usually ensure legitimacy, there are pirated versions that are easier to manipulate. They can appear legitimate but can contain spyware or other malware.  Always read reviews of apps, check their permissions (why does a game need access to your contacts, phone or anything else?) and steer clear of those that seem suspect.

Phishing Emails
Using your phone to check email is convenient. However, beware of clicking on links that may be fraudulent. Email displayed on a mobile device often does not display things that would show up on a desktop or laptop which would alert you to potential mischief. Phishing is one of the most widely used ways to attack an unsuspecting user.

Non-Secure WiFi
Disable automatic connections to wifi networks and be aware that it’s fairly simple to clone a free public network and lure unsuspecting users onto it. Once connected, all your traffic can be seen—including user names and passwords. Using a VPN can add an additional layer of protection when it comes to gaining access to your phone.

Text Messages or Voicemails
It can look legitimate, and it may sound legitimate, but do not give out personal information over the phone through a text or in response to a voice message request.

Protecting Your Device
Whether you’re protecting your personal or professional equipment, the same rules apply. Do not purchase a jailbroken device or modify your own equipment in this way. This is especially true if it is issued by your employer for work. Always use a VPN instead of a public network. Download apps and software only from reputable sources. Often there are rules against any modifications if it is a work device. That includes downloads. Use encryption of storage on the device, especially for all sensitive data. Ensure that you have multi-factor authentication enabled to use apps with access to any sensitive data. Enable a complex password or biometric method to unlock your device and set it to lock when idle for a minute. Get in the habit of locking it immediately—typically by a quick press on the power button. Don’t let others use your phone without your close supervision.

Above all of the methods that you can engage with when it comes to cybersecurity, training is at the top of the list. Human error is the easiest entry point when it comes to illegally accessing your devices which can lead to network access.

If you believe that your device has been compromised with malware, notify your IT team immediately. If you want to protect your small business, contact us today.

By Art Gross posted with permission of Breach Secure Now