There’s old news that cybercriminals are targeting all devices, but it may be surprising to find out that they focus their efforts on breaking smartphones. The number of cyberattacks against smartphones has spiked over the last years, and considering people’s dependency on mobile devices, it’s expected to increase further over the following years.
Due to the pandemic, mobile device and internet use have skyrocketed, so digital criminals have more targets to choose from. Cybercriminals have been ramping up their efforts to create apps and tools to steal sensitive information. Research revealed that there had been a 500% increase in attempted smartphone malware attacks over the first months of 2022. Most attacks aim to steal usernames and passwords for bank or email accounts. Still, some mobile malware also integrates snooping features that allow it to track the user’s location, record video and audio, or delete data and content. As malware evolves, hackers can employ more advanced methods to gain access to people’s information.
Both Android and Apple mobile devices are targets for malware, but studies show that the open nature of the Android marketplace and the possibility to download software from third-party providers make smartphones using Google’s operating system more vulnerable to cyberattacks. Apple devices are more restrictive and prevent users from downloading or opening everything they want, and they can download only apps from the official Apple App Store. However, some users are unhappy with Apple’s restrictions and jailbreak their iPhones. Jailbreaking is the process by which a user removes the restrictions Apple implements to keep users safe. People usually do it because they want to customize their smartphones to their preferences, download apps from third parties, and visit whatever website they want. While it may seem that the process brings several benefits, it’s best to mention that the disadvantages outweigh them because a jailbroken iPhone is more susceptible to cyberattacks. When people choose privilege escalation, they alter the device’s default security capabilities and leave it vulnerable to malware.
People using Apple or Android smartphones can become victims of malware and SMS phishing attacks even if they don’t jailbreak their devices because criminals send text messages containing harmful links designed to trick them to provide personal information and account login credentials. The latest SMS phishing attempts include fake alerts related to the pandemic and missed delivery notifications, requesting users to visit a website and provide their personal information.
Table of Contents
Why do Hackers Target Mobile Devices?
People use their smartphones more than other devices, so they carry detailed information about their owners. Cybercriminals can find on one’s smartphone all kinds of data, from identity to social media info, personal details, confidential photos, and even their location. Smartphones are treasure troves for cybercriminals looking for ways to exploit vulnerabilities. Android phones can be infected with malware quite easily if the users download a third-party app from the Google Play Store. Depending on the malware they deploy, they can even gather personal data, listen to phone conversations, and steal business information.
Hackers target smartphones because they can find private information like videos and images together with sensitive data in the same place. They use the content to blackmail users into paying them to protect their privacy. Some gather personal information to collect financial data like bank account details and steal money. Once they have the username and password for the bank app, they can use the details to perform transactions.
Also, the latest models of smartphones integrate powerful processors, and if cybercriminals gain control over them, they can use the computing power to mine cryptocurrencies. The user will notice that their device is slower than usual but finds no obvious reason.
The most Prevalent Cyber Threats to Smartphones
FluBot is one of the most famous examples of mobile malware which aims to steal usernames and passwords for the websites smartphones users visit. FluBot is one of the most potent malware in the cyber world because it has a worm-like ability that allows it to spread in the system by accessing the users’ address books and sending messages to contacts.
TangleBot is another mobile malware that infects smartphones. Hackers deliver it via fake package-delivery notifications, and it has the role to control mobile devices and steal personal data. When it takes control over a smartphone, it can intercept audio recording, camera footage, and overlay installed mobile apps.
Moghau is an SMS-based malware that creates fake landing pages in multiple languages to trick users into thinking they opened a website designed for their location. In fact, they download trojan malware that infects their devices. Cybercriminals spread it via messages that pretend to be from the user’s mobile network operator.
How can You Protect Your Smartphone?
Now that you know that cybercriminals can use countless methods to access your phone, you may wonder if you can do something to safeguard it from threats. Here are some recommendations to help you enhance its security and protect yourself from digital criminals.
– Update your operating system, no matter if you use an Android or Apple smartphone
– Install apps only from reliable sources
– Update all apps installed on your phone because developers regularly remove all vulnerabilities from each version
– Keep financial data and confidential information in secure places, such as your computer
– Use a security app
– Don’t connect to public Wi-Fi networks
– Use a Virtual Private Network if you connect to public networks
– Turn the Bluetooth service off when you’re not using it
– Regularly check the permissions you grant to installed apps
– Periodically review the list of downloaded apps and remove those you no longer use
– Take note of how your smartphone is performing. If you notice battery drainage or excessive data use, ask a security specialist to review it.
