IT Focus Area: security
May 27, 2015
Smartphone Users Face Alarming Risks
Smartphones have become constant companions, but most people still don’t think about mobile device security the same way they think about security on laptops or PCs. Many expect that their iPhone or Android device is secure by default, when in reality it is up to the user to make security configuration changes. The Today Show recently featured a story that highlights just how serious—and alarming—the consequences can be when hackers gain access to mobile phones.
The rich combination of personal and corporate information that resides on many mobile devices is a major draw for cybercriminals, and they’re using every avenue available to break into them. With the right (inexpensive) equipment, they can gain access to a nearby mobile device in less than 30 seconds and either mirror the device and see everything on it, or install malware that will enable them to siphon data from it at their leisure. They can also use social engineering to entice users into clicking on a weaponized link or attachment, or installing a malicious application.
Increasingly popular tactics include offering an inviting (phony) website, injecting malware into a legitimate website—what’s known as a watering hole attack—and posting a malicious app with an appealing name (such as a fun-sounding game or free software upgrade). Once people click on it they’re compromised, and the attackers can then use their device to do anything it is capable of—without permission.
Attackers can hijack your phone’s microphone and listen to your conversations, see your photos and emails, watch in real-time as you surf the Web, look out of your camera lens, see all of your contacts, and a record of all of the calls you’ve made. This puts your personal information, your email, your financial information and quite possibly corporate information at risk.
What can you do to protect yourself and your organization?
Know you’re at risk
Make sure your operating system and software are up-to-date
Only download apps you know you can trust
Select the right settings on your device
Use a secure password
Don’t do anything sensitive over open Wi-Fi
For more information on mobile device risks in the enterprise, read Mobile Device Security in the Workplace: 6 Key Risks and Challenges.
View more presentations from Forsythe Technology