Over the last couple of years there has been a growing need for better mobile security. The rise of the smartphone has left a lot of users at risk and many people haven’t taken the necessary steps to secure their device and personal data.
This is mainly because the average user probably doesn’t consider it an issue, and even if they did they are unsure of how to deal with it. I have spent a lot of time looking into mobile phone security and would like to share my knowledge and expertise with you.
Why Mobile Security Is Important
A lot of people are careful with any paperwork that contains personal information. However, people do not show the same level of care and attention to mobile security and their smartphones.
This is a fundamental problem as smartphones contain ridiculous amounts of personal data. They give one click access to your entire life. Whether that’s email accounts (which probably holds a lot of passwords for websites etc), social networks, pictures & videos, your address book or even a history of your location.
Without smartphone security all of this data can be accessed by viruses and malicious software, or even just by losing your phone or having it stolen.
What makes this even more of a serious issue is how easy it is for malicious software to rack up huge bills in your name. Unlike a computer based virus which needed the user to enter their credit card details in order to steal money, smartphone viruses have direct access to your bill.
This means malicious software has the ability to charge your phone bill directly via text messages and phone calls which are made in the background without your knowledge. Attacks are becoming more frequent and widespread and it’s time to take mobile security seriously.
Key Points
- Smartphones hold a huge amount of personal data
- Your personal data can be accessed by malicious software or theft of the device
- Malicious software can rack up huge bills in your name
Recent Examples
Over the past year there have been quite a few serious threats targeting a number of devices and users, here’s examples of just a couple of them-
GGTracker
This is one the nasty types of malicious software. The Android based trojan targeted users in the USA and was disguised as a fully functional app which people installed. Once installed it would subscribe users to premium SMS subscriptions without the user’s knowledge in the background.
In 2011 alone, it is estimated that the GGTracker malware stolen over 1 million dollars from users.
Geinimi
The Geinimi trojan is one of the most sophisticated pieces of mobile malware we have seen yet. It originates from China and is secretly hidden in repacked versions of popular apps.
What is particularly scary about this though, is that your phone is in complete control of the hacker. The hacker can send commands remotely to your phone and pretty much do what they want.
This includes grabbing a copy of all of your data, recording your location history and signing you up to premium SMS subscriptions.
Increased Threats In The Future
Smartphones are becoming more and more popular with penetration now reaching 10% of the world’s population. Previously hackers have been able to concentrate their efforts on over 1 billion PC’s, but smartphones are becoming a much more attractive target especially when most users do not employ any form of mobile phone security. One of the biggest attractions with smartphones though is their built in ability to make payments.
Just like with any other type of business, malware writers are always trying to stay one step ahead by continually creating new ways to expand the reach and profit of their malware.
2011 saw a huge rise in mobile security threats, at the start of the year only 1% of users were likely to encounter malware. By the end of 2011 this figure had grown to 4%. In 2011 the Lookout Mobile Security team identified over 1000 infected applications which had doubled in the last 6 months alone.
How To Protect Yourself
Many people don’t even know where to start when it comes to improving their mobile security. Don’t worry though, it isn’t as tricky as you might think and some of it is good old fashioned common sense.
Loss & Theft
Mobile phones are high value targets for thieves and phone theft is on the rise. Have you thought about what you would do if someone stole your phone or you lost it? Thieves could find out everything about you including where you live and what times you’re out of the house.
Mobile security is often an afterthought so prepare for the worst with these simple tips-
- Use a lock code on your phone
- Keep your phone out of sight when not in use
- Make a record of the IMEI number (type *#06# into the phone)
- Report any loss/theft to your network and local police authority immediately
Viruses & Malicious Software
You have antivirus software on your computer right? It is just as important to have an up to date antivirus solution on your smartphone as well.
Google Android
Google Android is currently the main target for malware writers, its open source nature and huge user base makes it very attractive to hackers. As such you need to take Android security seriously.
There are a number of antivirus applications available for Android which work in exactly the same way as your computers antivirus software. Please check out the dedicated Android antivirus guide for more details.
Apple iPhone
Although iPhone users face a smaller threat than Android users, iPhone security is still an issue that you need to take seriously. Luckily for us though there are already a couple of iPhone antivirus applications available which deal with all of the threats automatically in the background.
Block Premium Calls & Texts
You can restrict the amount of damage malicious software can do by blocking premium rate calls and texts. Just give your network operator a call and they should be able to set this up for you. The only problem you might face with this is if you call premium numbers on occasion, for example voting in reality tv shows or entering competitions.
Mobile Phone Insurance
Taking out reliable mobile phone insurance is a great way to give yourself an added layer of protection. Not only will this cover you for the loss and theft of your actual handset but most mobile insurance covers you for unauthorised calls and text messages. So even if in the worst case scenario a malicious piece of software racks up a huge bill, it will be covered by your mobile phone insurance.
If you do choose to take out insurance, carefully read through the policy terms and conditions so you know exactly what to do if you need to make a claim. For example most providers require you to report the phone lost/stolen within 24 hours to them, your network and local police authority to make a valid claim.
Keep Software & Applications Updated
Quite often malicious software exploits vulnerabilities in your phones operating system or applications. It is important to make sure you keep you operating system and all of your phones software up to date as security flaws get fixed as they are discovered. Android handsets and iPhones do a great job of this; just make sure you allow it to update any software.
In Closing
Although mobile phone security is becoming an increased risk, there are a lot of things that can be done to reduce the impact of malicious software. Over the next couple of years expect to see a sharp increase in not only the amount of malware targeting smartphones but also in the amount of tools at our disposal to protect ourselves.
This infographic does a great job of summing up current mobile security risks-
