Cyber Security Center

Mobile device security

Mobile device security

Mobile malware is a very real risk, as cybercrooks may steal your money/sensitive information, spy on you, use your device for such things like spreading malware or spam, taking control of other systems, and carrying out cyber attacks. Unfortunately, a lot of people do not pay sufficient attention to the security of their mobile devices.

Here are tips on how to safely use your mobile device for everyday things like downloading apps, using internet banking, connecting to Wi-Fi, as well as how to protect yourself from ransomware.

Screenshot (23)

Mobile banking malware

Mobile banking malware aims to steal your financial and/or personal information, or extort money out of you.

How does mobile malware spread?

  • Via malicious websites;
  • Via malicious app downloads.

What are the risks?

  • Stolen personal/financial information;
  • Stolen money.

What can you do to protect yourself?

  • Download your bank’s official mobile app, and make sure you are visiting the bank’s real website every time;
  • Make sure that your online banking website or app does not log you in automatically;
  • Do not disclose your bank card number or password, or any related information to anyone;
  • If available, set up a mobile security app (anti-virus) which would warn you about any suspicious activity;
  • If you lose your device or change your phone number, contact your bank to update your information;
  • Do not disclose your account information via text or email;
  • Always use secure Wi-Fi when accessing your bank’s mobile website or app. Never do it via open, not password protected Wi-Fi;
  • Regularly check your financial statements.

Phishing

Always be alert when someone is requesting your personal information via email, message or phone.

How could it happen?

  • Phishing attacks: Scammers/Crooks can trick you into sharing your personal information by pretending to be trusted organizations/people. These types of attacks are usually carried out via email, text messages, phone calls or social media.
  • Website browsing: Your mobile device can pick up malware by merely visiting an unsafe website.
  • File download: Emails may contain malicious links or attachments.

Why phishing attacks are effective?

  • Users are often not careful with sites they visit and emails they open.
  • Your device’s small screen makes it difficult to check whether the domain is legitimate, as URLs are displayed on limited screen space.

What can you do to protect yourself?

  • Be skeptical if a company sends you a message or calls you requesting your personal information. You can check the legitimacy of the message/call by calling the company’s official phone number.
  • When browsing the web on your phone, make sure connection is secured through HTTPS. You can always check that by looking at the beginning of the URL.
  • Never click on links or attachments in spam emails or messages. Delete them immediately.
  • Be wary of websites that have poor grammar, misspelling and low-resolution.
  • If available, set up a mobile security app (anti-virus) which would warn you about any suspicious activity.

Ransomware

Ransomware takes your device and your files for hostage. Such malware locks your screen or prevents you from accessing certain files.

How does ransomware spread?

  • Via malicious websites;
  • Via fake downloads of legitimate apps;
  • Via malicious links and attachments in emails.

What are the risks?

  • It may be necessary to perform a factory reset, which would mean file loss;
  • The attacker may get access to your device and be able to share your data with third-parties.

What can you do?

  • Regularly back up your files and update your software;
  • Do not use third-party app stores;
  • If available, set up a mobile security app (anti-virus) which would warn you about any suspicious activity;
  • Be wary of suspicious emails and websites, and remember, if something sounds too good to be true, it usually is;
  • Do not grant administrator rights to anybody;
  • Do not pay the ransom. By paying, you are financing cybercrooks and encouraging them to continue.

Mobile apps

Research apps and their developers before downloading them. Check app reviews and ratings. Be wary of links in emails and text messages. They could trick you into installing third-party apps from unknown sources.

Check app permissions. See what permissions the app has and whether it actually needs them to function, what kind of data it has access to, and whether it can share your data with third-parties.

Install security software on your device. It would check all the apps on your device and alert you of any suspicious/malicious ones.