mobile security threats

8 Mobile Device Security Threats and Risks

Smartphones are part of our daily lives. That is a fact for the 2/3 or 66% of the population and that number is expected to only go up through the coming years. By 2020, the projected number of users would be 75% of the whole population.

That’s why the occurrence of attacks and exploitation of smartphones are also on the rise. According to Kaspersky Lab, they found 1 million devices infected with 3.5 million malware installed in the devices.

Were you aware of that? If yes, good for you. But for those who had no clue of the information that was just passed, this is for you. The best way to prevent your device from being infected or exploited is to be aware. Aware of the different ways you and your device can be exploited.

Generally, the security threats and risks come from unsecured networks, vulnerable and under-developed apps, and of course, the web.  You should also consider physical threats since smartphones are easily stolen and that leaves your data open once your phone has been unlocked.

Network-based Threats

If you’re someone that uses public Wi-Fi a lot, in fact, if you’re reading this on a public Wi-Fi, the first and foremost question is are you using a VPN? If not, go to the Playstore, download a VPN, and come back to reading this.

1. Network Spoofing

Public networks leave you extremely vulnerable to security threats. Someone can pretend to be the coffeeshop Wi-Fi connection or the library or any Public Wi-fi Connection. The thing is, they will do this very convincingly that you won’t notice at all. There would be login portals and the works.

This is called Network Spoofing and by doing this, hackers can steal all the incoming and outcoming information your device has. Another possibility is, they can steal information on your phone. A VPN will not protect against this kind of threat, awareness is the only solution. If the SSID looks different than usual, or the login portal asks for passwords, take a second and verify if you’re in the right network. Ask somebody from the place to verify the network that you’re on.

2. Wi-Fi Sniffing

After ensuring you’re not a victim of network spoofing. You’re going to need protection against another type of network threat. Wi-Fi sniffing is eavesdropping on a network that’s usually done with the intent to find and get your unencrypted traffic.

Anyone with a computer or smartphone can sniff a network. Wi-Fi sniffing tools are widely available over the internet. To protect your data, install a VPN. That’s it. If you’re having a hard time choosing one, here are the Best Free VPN Apps for Android

App-based Threats

Other than poorly made apps that expose users(We’ll get to that) most of the app-based threats heavily rely on Social Engineering. Like, downloading apps outside of the Playstore, clicking shady links that came from random people or even people that you know. Or, apps that were installed by people without your consent.

3. Phishing Apps

There are a lot of sources where you can get your applications. Do not do this unless you know what you’re doing. Unofficial apps can contain scripts that mine your information like your location, contacts, files, and your dirty secrets.

Phishing apps can contain these scripts and pretend like it’s Facebook, Twitter, Or Instagram by mimicking its user interface. That way, when you login, your email, and passwords are sent to the attackers.

Attackers won’t only mimic mainstream apps but any app at all. Depending on the app, Phishing apps can get personal information to financial information. To protect yourself from this, only download apps from the Playstore. Google implemented the Google Play Protect to monitor apps if they’re malicious.

4. Phishing Scams

Even if you’re using the legitimate apps, you can still be reached by Phishing Scams. Have you ever received a message on Facebook, Twitter, Instagram, or E-mail that came with a link encouraging you to click them? They are bots that are trying to phish valuable information from you or once you’ve clicked the link, there are a lot of consequences.

This is a very old trick in the book. Since the web started, phishing has already scammed millions of people. You just need to be aware to protect you, your information, and your device from this threat. Here is some recent news in Phishing.

5. Spyware

There are threats and risks everywhere and most of the time you can protect yourself from them. To do so, you’ll need to be aware of the threats. Spywares are great at hiding and being inconspicuous.

That’s why it contains the word “spy” in it. Spyware is an app that could be installed without your consent. Usually, spouses are the ones that install this type of application to your phones intending to monitor your every move, transactions, and messages. Now, this is the best-case scenario at the very least your information is not collected by a stranger.

If it was a stranger, then the risk is much higher. Being infected by spyware is usually a consequence of another threat. They could be installed over an unsecured network, hidden within the app you installed, or a link that did a drive-by download and automatically installed it on your device.

To protect yourself from spyware, install a powerful antivirus on your devices. For your spouses, regain that trust and make a stronger PIN or pattern for your phone. For more info on spyware, here’s what you need to know about Android Spyware.

6. Vulnerable Applications

Apps on the Playstore are protected by the Google Play Protect as it was mentioned earlier in the article. But, that doesn’t they can’t be used to exploit your devices. They may not illegally steal data from you or install another app without your knowledge. But, poorly made apps that use encryption with vulnerabilities. Leaving your passwords or information with the possibility of being cracked and stolen.

A lot of apps use “tokens” that they issue for user authentication. Now, well-developed apps generate new tokens for every new session and make sure that tokens are stored carefully, and no one has access to it. If an app mishandled the tokens, this can be exploited in many ways. One example is, hackers can pretend that they’re the user using the token.

7. Cryptojacking

With the rise of cryptocurrency, this new type of attack comes with it. Hackers use your phone for cryptocurrency mining without your knowledge. Cryptocurrency mining requires a lot of computing resources. Now a single smartphone or even 100 smartphones won’t be enough to efficiently mine cryptocurrency.

But as I’ve mentioned, by 2020 75% of the population will have access to a smartphone. Hackers are trying to gain access to that pool of smartphones and use their computing resources for cryptocurrency mining efficiently.

So be aware of this and one symptom that your phone is being used for cryptocurrency mining is performance degradation.

Physical-based Threats

8. Lost or Stolen Devices

This is a possible threat to all devices. Having physical access to your device is the easiest way to gain your information. Making their physical security something you should always assure.

With the event of losing or being stolen, there are ways to secure your device to prevent your information from being stolen and possibly getting your device back.


So, what are the ways I can protect my device?

1. Awareness – Most of the threats rely on you installing or clicking them. Be wary of random links and think twice before clicking anything.
2. Official Apps only – Avoid installing apps outside of the Playstore. It might look and function the same but you don’t really know what could’ve been inserted in them.
3. Anti-virus – Install a reliable anti-virus to protect your device on the occasion of accidentally infecting your device with any of these threats. If you’re not sure what anti-virus to choose, here are the Best Antivirus Apps for Android Phones (Free Downloads) 
4. VPN – Just to stress this enough. Again, install a VPN don’t leave your device vulnerable.

What can I do to ready my device if it was ever stolen?

Set-up the Find My Device on your phone so in the event that your phone was stolen, you can try to track it, wipe its information, or ring it. Here’s more information on Find My Device
Other than setting up Find My Device, you can also enable full-disk encryption. Resulting to every time your phone boots up, it would ask for your PIN, password, or pattern before loading up the OS. Oh, and your storage is going to be fully encrypted.

Most of it depends on You

Most of the threats are avoidable if you’re aware of them. Once you’ve done your homework on preventing them, you can sit tight and relax knowing you, your information, and your device is safe.

Stay vigilant and think twice before providing any information. Nothing important can be stolen if there’s nothing important in the first place. I hope you’ve learned something new and if you have any other questions leave it at the comments below.

Featured Image

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *