What does your mobile tell cybercriminals about you?

Nuria Andres

  • Proofpoint Cyber ​​Security Strategist for Spain

Mobile is the quintessential personal device. It includes who we are and what we do. Such detailed information about users is very valuable for cybercriminals, as with it they can easily manipulate users to launch cyber attacks. From the phone, confidential data can be shared, malicious files can be downloaded, or even money transferred to a fraudulent account with little or no information.

This is taken care of by one of the most effective tactics for attackers: social engineering. It is responsible for knowing the feelings, motivations and biases that determine people’s behavior in order to find potential weaknesses. This is everything they need to be able to launch cyberattacks with greater credibility and success.

Phone number could be the key to the attack

Even something as simple and seemingly harmless as giving out your mobile number to another person can dangerously expose information to cybercriminals.

Only with these contact numbers can they know, for example, our socioeconomic status and physical location when accessing documents that show current and past addresses or properties. Through social networks, we also leak data about interests and friendships, which are very useful for personalizing malicious messages and impersonating third parties.

It is recommended to have a private profile on social networks.

Furthermore, it may be the case that if cybercriminals find any compromised documents, such as pending payments, fines or criminal records, the user may become the object of bribery or coercion.

The psychic defense against an SMS is weak

The company has already detected this fraud.
The company has already detected this fraud.

In addition to threats received by email, one of the main attack vectors against users, it is worth drawing attention to another threat that is still difficult to value: smishing.

In Spain, according to a recent survey on cyber threats, 43% of Spanish users have no idea what it’s about And the other 30% fail to define it correctly. Nor has there been much effort (33%) to include these scams, which come in the form of SMS, in training programs to spread awareness about safety.

It’s more than proven that we get mobile messages by email faster than once we receive it, and users haven’t been taught well enough to suspect text messages in terms of spam. . SMS more easily bypasses users’ mental protection against potential risks.

Dangers around these devices

It is important that users spend enough time developing their passion.
It is important that users spend enough time developing their passion.
file, archive

Mobile devices are fully integrated into users’ daily lives on both personal and professional level. Many people prefer or use mobile devices more than others such as desktop computers; And, as long as this situation lasts, they will be the main target of attackers.

One of the most worrying threats are network threats. As with mobile work teams, internal corporate networks can be compromised if the device is not secure enough. In addition, connecting to any public WiFi increases the chances that the data will be transferred to places where other users can read it.

Users turn to adblockers to avoid aggressive ads on the Internet.

In addition, there can be attacks where official-looking websites are displayed to trick users into sharing sensitive data or downloading malicious applications.

Spaniards spend an average of four hours using mobile phones.
Spaniards spend an average of four hours using mobile phones.
file, archive

Don’t forget that a user can download almost anything to their mobile phone, and it is even less rare that these applications are susceptible to malware manipulation. On the other hand, mobile apps connect to other internal apps and data through endpoints. If these are also not protected properly, attackers can compromise an application and steal data.

A woman uses her 'smartphone' while walking down the street.

Well, data theft is one of the main physical threats to mobile devices. So does the loss of data though these can be easily recovered and this is not the case with data when mobile is stolen.

mobile security tips

Mobile security covers strategies, software, and infrastructure, but it can make a difference if the user incorporates the following habits:

-Install pending updates of the operating system and mobile phone applications as soon as possible. But beware: as operating systems get more complex, so do security vulnerabilities; In addition, although the device should be kept up to date, unnecessary applications should not be downloaded.

,It is advisable to clearly define personal mobile device use of which we can use for work issues, later to avoid that any outsider access it.

,Review the data stored on these devices And the behavior that is with all downloaded applications. What data are they accessing? Where are they sent? What is the privacy policy of these apps?

,Try connecting via VPN when you’re on your work mobile To receive email and use business applications, among other functions, in case the WiFi network is unknown or unsecured.

-If your company provides a mobile device management and application defense service, it is required to use it. There are thousands of malicious apps in the App StoreAnd much more to discover on both iOS and Android.

Sign up for our newsletter and receive the latest tech news in your email.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button