How to Keep Your Mobile Devices Safe From Cyber Threats

woman typing on phone

diego_cervo/Getty Images

The landscape of cybercrime is constantly changing and growing as hackers seek out new ways to make money. Over the past few years, there have been a slew of headlines reporting massive data hacks on major platforms and companies such as Uber, Twitter, Google, Marriot, Target, and others, where hackers have stolen millions of consumers' personal information including names, social security numbers, addresses, and credit card numbers.

The Impact of Cybercrime

From 2016 to 2020, the financial impact of fraud cases has multiplied several folds, costing victims an annual total of $42 billion in 2020 according to PwC global economic crime survey. The majority of that fraud involved some sort of cybercrime. The majority of that fraud involved some sort of cybercrime.

When it comes to cybercrime, your mobile phone isn't exempt. When any device is connected to the internet, as most phones are, the users of those devices face many of the same threats as desktop computer users.

Keep reading to learn the types of cyber threats that affect mobile devices, along with some ways to reduce your risk.

Cyber Threats to Mobile Devices

Many of the cyber threats that face mobile devices are simply the mobile version of threats that face desktop computers. Still, it's helpful to review these threats and some of the ways the attacks are customized for mobile devices.

Mobile Ransomware

Ransomware is a type of malware that locks up your device. Once you've been infected, you lose your ability to access all of the data on your phone until you pay a ransom to the criminal. Depending on the type of ransomware, you could lose your call history, contacts, photos, messages, and many basic phone functions.

Even if you pay the ransom, there's no guarantee that your device will be fixed, so it's best not to buy any software that pops up during a ransomware attack.

Scareware is similar to ransomware. The difference with scareware is that you don't lose your access to data. Instead, a pop-up or similar message attempts to scare you into believing you've been infected by a virus. The scareware will advertise software to combat the viruses, but that software itself is the virus. The key is to do nothing—as long as you don't download the scareware or give out any personal information, you won't get a virus.

Spyware and Drive-By Downloads

Not all malware is as obvious as ransomware. Some malware is designed to go unnoticed, and these viruses are known as spyware. Spyware can be installed on your device without your knowledge by hackers. It can also be accidentally installed while browsing the internet. This is known as a "drive-by download." You think you're simply visiting a website, but the site clandestinely installs spyware on your device.

Once it's on your device, spyware can track your device use and extract personal data like locations and passwords. Whatever the spyware collects is sent back to the cybercriminal who created it.

Malicious Apps or "Riskware"

There's an app for everything, but not all of those apps are convenient tools or benign entertainment. That time-killing game you downloaded might be fun, but it might also be collecting intimate details about you and sending them to advertisers or bad actors.

These apps ask for permissions and data access under the guise of improving the app experience, but what they're actually doing is mining data to sell. Falling victim to these scams is known as "data leakage." At best, this scam results in increasingly invasive ads. At worst, sensitive data could end up in the hands of criminals who use it to steal your identity.

Phishing and Smishing Scams

Phishing is a common cyber scam that costs victims millions of dollars every year. Phishing can be broad and crude or targeted and specific, but in general, the scam starts as an email that appears to be from a business or person you know. It contains a link and asks you to input some information, such as a confirmation of account information. However, the email isn't actually from the entity you know, and any information you enter goes straight to the scammer.

This may sound like an easy scam to avoid, but phishing emails can be advanced. It's easy to mistake them with the real thing. In some ways, mobile devices heighten this threat.

Users may be more likely to quickly open up an email if they get an alert on their phone, as opposed to desktop users who purposefully sift through their inbox.

"Smishing" or "SMiShing" is a new take on the phishing scam. The scam plays out the exact same way, but instead of using email, the scammers use text messages (the "SMS" in "SMiShing").

Free Wi-Fi Can Pose Threats

It may seem like a nice perk for a coffee shop or transit terminal to offer free wireless internet, and it is, but it's also a potential threat. Free Wi-Fi is often unsecured, which allows hackers to place themselves between your device and the Wi-Fi hotspot. Anything you do online while using the free connection could be intercepted by bad actors.

Security Measures to Help Prevent Cyber Threats

Luckily, you aren't powerless when it comes to cyber threats. In many cases, due diligence will go a long way in stopping the attack before it begins. In order to protect yourself from these mobile device attacks, keep the following steps and tips in mind.

Consider Security Software for Your Device

Just like how you can download antivirus software for your computer, you can do the same thing for your mobile device. Consider using security software that will protect your phone from malware and riskware. Some security software also comes with password managers, which can help keep your login information safe.

Create Better Passwords

If you still use passwords such as your pet’s name or address, you have to start getting serious about your security. Make passwords at least eight characters long (the longer, the better), and combine letters, numbers, and symbols. Do not include any information that might be guessed, such as the name of your child or dog. Long chains of random characters are best. If you have trouble remembering passwords, don't make the passwords simpler. Instead, consider using a password manager.

Keep Software Updated

Update your software on your device when prompted. These updates often include fixes to security vulnerabilities. They're usually quick, too, and failing to run them can create an easy opening for hackers.

Check Bank Statements and Mobile Charges

The vast majority of identity theft cases and cybercrimes involve financial fraud. That's why you need to regularly check your mobile charges, bank statements, and any other financial accounts you have.

Scrutinizing financial records goes beyond mobile device security, and it should be a routine part of your security habits.

Beware of Unfamiliar Apps

Before downloading a new game to kill time, do a little research on the app and the app's developer. Carelessly downloading apps invites spyware, ransomware, and data leakage. By carefully researching what you're downloading before you download it, you can prevent many of these attacks. Simply plugging the developer's name into a search engine could help raise red flags on suspicious software.

Turn Off Unnecessary Features

Turn off any features you don't need at that moment. For instance, if you are not using GPS, Bluetooth, or Wi-Fi, turn them off. This is especially important in public spaces, such as in places with free Wi-Fi. If you do decide to use free Wi-Fi, avoid accessing sensitive information through the network. For example, don't do your banking or pay bills on a public, unsecured network.

The Bottom Line

Most of us do not have the knowledge, time, or resources to protect our identities. However, it is important to remember that it is not always possible to prevent all fraud or identity theft. This is why it is best to take the steps that you can and invest in some type of protection.