Top 15 Mobile Device Threats

Smartphones and mobile devices may contain sensitive data such as credit card numbers, authentication information, personal data, and activity logs (i.e. calendar events, tasks, call logs). Listed below are the Top 15 Mobile Device Threats that can compromise the integrity of the device, disclose sensitive information, and result in unauthorized charges.

1. Root Access - bypasses the default security protections built into the device’s operating system. Root access can leave the device and data exposed to vulnerabilities if the device is unable to install the latest security updates. Personal and financial information can be accessed by software developers who create backdoors into the device.

2. Root Enabler - allows individuals to gain escalated privileges on a device (i.e. rooting the device) that allows them to take actions that would otherwise be prohibited by the device operating system. Root enablers can compromise the built-in security features of the device allowing malware to be downloaded and personal information to be disclosed.

3. Exploit - apps that contain malware can take advantage of a vulnerability in a device's operating system. The exploits may allow unauthorized control over the device and potentially malicious activities include the ability to download malware on the device, compromise the device's built in security features, and collect personal information.

4. App Dropper – can download additional apps to the device without the user’s consent. Additional (dropped) apps can include malware that collects a user’s personal information as well as the ability to install apps without a user’s knowledge or consent.

5. Bot apps - features on the device are put under the control of a third party. Bots may allow a third party to download malware on the device, remotely browse the Internet, send SMS messages, make phone calls, and download additional applications. Bot apps can access personal data on the device, communicate with contacts, and text or call premium-rate telephone numbers and/or use excessive Internet data.

6. Trojan Horse - performs malicious actions such as stealing personal information, issues fraudulent charges, or downloads additional malware on the device.

7. Surveillance Ware - secretly collects and sends data about the device to a third party. These apps are typically installed by someone with physical access to the device. Compromised data can include contacts, call history, SMS messages, locations, and browsing history. Installation of surveillance ware often requires a device to be rooted or jailbroken, which can compromise the security of the device. Surveillance ware can also provide some level of control over the device to third parties and can collect a wide range of personal information as well as monitor device activities.

8. Spyware - secretly collects and sends data about an infected device to a third party. Compromised data may include contacts, call history, SMS messages, locations, and browsing history. Spyware apps can provide some level of control over the device to outside parties and can collect a wide range of personal information from the device and monitor device activities.

9. Ransomware - malware that locks a device and may demand money in exchange for regaining control over the device. The malware is typically downloaded to a user's device when a user visits a malicious website or opens an infected e-mail attachment.

10. Spam – without a user’s consent, spam apps may send Short Message System (SMS) messages, make phone calls, facilitate spam campaigns, potentially access personal data, and communicate with contacts, result in unauthorized charges by calling/texting premium-rate telephone numbers, and use excessive Internet data.

11. Toll Fraud - without a user's consent, sends SMS messages or makes calls to premium-rate telephone numbers that results in fraudulent charges. May also use excessive Internet data.

12. Riskware - poses a risk to the device due to either known vulnerabilities in the code or low reputation of services used by the code. Typically not malicious, riskware apps may contain vulnerabilities that could be exploited to compromise a device's security features or collect personal information.

13. Chargeware - generally does not provide advance notification or require user consent. Chargeware can result in additional monthly charges by calling or texting premium-rate telephone numbers. Privacy issues include disclosure of apps downloaded.

14. Click Fraud – can defraud pay per click (PPC) or pay per download advertisers by automatically clicking or downloading software. Click Fraud apps may result in data overage charges and download malware on the device.

15. Adware - code from an advertising network that collects data from your device and/or serves intrusive ads including display ads in the notification bar. Ad networks may have the ability to access information (e.g. unique device ID regarding your device. Users are presented with ads and may have shortcuts installed on the home screen.

Protect your organization

• Implement and maintain a formal Mobile Device Policy
• Ensure mobile devices have security protection software
• Maintain effective e-mail spam filters
• Users should be made aware of important actions that need to be taken and actions that are prohibited
• Passwords or PIN numbers should be implemented to restrict access to the device
• Where possible, users should regularly update applications and the operating system to the latest version
• Users should not disable device security protection mechanisms
• Users should not root or jailbreak their devices
• Users should only download and install approved software applications
• Provide users with role-based security education and awareness training

All it takes is one security breach to compromise your data. Network security audits help organizations identify, manage, and reduce their risks by ensuring the proper security controls are in place.