The researchers at ESET put together a 10-point list that does not paint the smartphone industry, nor their users, in a very favorable light when it comes to cybersecurity.
While one possibly should not blame cybercriminals for taking advantage of lax security measures, after all that's what cybercriminals do for a living, the list indicates that if end users and vendors would simply take a few precautions their mobile device would be much more secure.
Here, in no particular order, is the list.
Users are ignorant about the dangers.
Many people do understand the need to protect their larger devices, laptops and desktops, but they tend to fall flat when it comes to their smartphone. This is an interesting disconnect considering most people use their phone much more often than any other device and considering how many companies allow their workers to BYOD, one would think employers would implore their staffers to take a few cybersecurity lessons. Which leads us to the next issue.
It's a way into companies and other organizations
The use of BYOD has become one of the most prominent trends for companies around the globe. Research published in 2015 found that 74% of companies had either adopted or planned to roll out BYOD, with the market set to exceed $350 billion by 2022. Cybercriminals are viewing these devices as an ideal gateway into stealing valuable corporate information.
Security can be lax
It's not necessarily that companies don't want to impose a level of security on personal devices being used for work, but that the task is too monumental to accomplish. In a recent Tech Pro Research survey of CIOs, tech executives and IT workers, 45% of respondents said mobile devices posed the greatest risk to a company's infrastructure, with the fragmented nature of some mobile platforms cited as a primary reason. The variety of phone types also makes rolling out a unified program difficult.
A smartphone knows everything about us
A person would probably not consider it smart to leave their debit and credit cards, Social Security number and just about every other piece of personal information lying about in public, but many people have no problem keeping all that info, along with the long in credentials required, on their phone. The same phone that does not even have a screen lock, much less any security. And because of this…..
It's a route into your wallet
Not only is a phone a repository for payment cards, but they are also mobile payment platforms hosting the owner's Google, Apple or Samsung payment info. This type of convenience leads to the next reason criminals love smartphones.
Autofill has become our best friend
Because we always have our phones, and they have the ability to make simple tasks like entering a bank easy, we have filled them with even more information making them extremely valuable to anyone with a nefarious nature.
There is more to cybersecurity than keeping your data out of the wrong hands. A phone also knows where you are, have been, work, hang out, etc. All bits of info that could be a problem if they happen to fall into the wrong hands.
Criminals have been quick to capitalize on a smartphones many points of entry and exit, such as Wi-Fi, 4G and Bluetooth. For several years now, Bluetooth has been a regular feature on smartphones and other mobile devices. Yet, like GPS, it is still seen as a potential entry point for cybercriminals. The effects of such an attack can result in Bluesnarfing – where a phone's private information is compromised, or Bluebugging, which allows a criminal to more or less take complete control of your phone. Luckily, while there is a risk, these methods are becoming increasingly harder for hackers to exploit.
Mobile specific scams
Criminals are also able to take advantage of one smartphone feature few people even use today. A phone call. In countries like China, for example, malware can be used to access devices and force them to call premium numbers that charge large amounts. These scams are not only potentially lucrative, but can also spread across large numbers of devices.
Finally, smartphones are a great way to send spam.
Not that the only will want to do so, but the bad guys can turn a phone into a botnet army soldier. This is mainly because it is much harder for service providers to track down and block offenders.