What are the 3 methods for protecting your device from malware?

To many companies, the rise of mobile devices is a great thing. Business can be done quicker, more efficiently, and with less paperwork.

But there’s also a downside to mobile devices, and that’s malware. Hackers are constantly working to steal data from mobile phones and tablets. You’ve probably seen examples of mobile device malware and these attacks in the news. And the attacks are becoming more and more common.

Why are mobile devices so dangerous? 

Mobile devices in general aren’t as secure as computers. The same security measures that companies use for workstations and servers usually aren’t in place for mobile devices. Because of this, mobile devices may not be protected by things like firewalls, encryption, or antivirus software.

SEE ALSO:  Top 5 Security Vulnerabilities Every Business Should Know

Yet more employees are using mobile devices to gain access to sensitive information. This puts their company more at risk for data theft.

How does mobile malware affect businesses?

A lot of the risk depends on how your mobile environment is set up and how your employees can access sensitive data.  Unless you have policies and controls in place regarding mobile devices, your employees are probably accessing sensitive information from their mobile devices, information that can be stolen by malware.

SEE ALSO:  Stop Looking for a Mobile Security Standard

But how does the malware get on your phone?  Here are 5 ways your mobile device can get malware.

White Paper: 5 Tips for HIPAA Compliant Mobile Devices

How do mobile devices get malware? 

1. Downloading malicious apps 

The most common method hackers use to spread malware is through apps and downloads.

The apps you get at an official app store are usually safe, but apps that are “pirated,” or come from less legitimate sources often also contain malware. These are apps that appear to be legitimate, but instead contain spyware or other types of malware.

Occasionally an app with malware will make it through to an official app store. One recent example is InstaAgent, an app that stole Instagram user credentials and sent them to a third-party server without the knowledge of the user. These apps are usually discovered and taken care of quickly, but they illustrate what can happen.

Sometimes developers will use pirated development tools, which have been compromised. Everything developed using these tools will then contain malicious code, which may steal sensitive data or damage the mobile device.

WATCH:  How to Know if an App is Secure

Be choosy when downloading apps, and download only from reputable app stores. That usually prevents you from coming across malware-infected apps.

2. Using a mobile device with operating system vulnerabilities

It’s critical to keep your mobile device up to date just like any other computer, or hackers can exploit those discovered vulnerabilities.

3. Opening suspicious emails

Here’s an example: you receive an email that says you’ve won something (a tablet, a vacation, etc). You open the email and click on the link, and nothing happens, or you’ve been taken to a dummy site. But malware was downloaded and installed on your phone. The data on your phone may now be exposed to that hacker.

Just like on your computer, avoid opening suspicious emails on your phone.

SEE ALSO:  7 Ways to Recognize a Phishing Email

4. Using non-secure Wi-Fi/URLs

The browser itself on your phone could also be a source of vulnerabilities. This can lead to web browser attacks. Attacks like these are more common on android devices. Make sure you have the most current version of whatever browser you use.

5. Receiving text message/voicemail phishing

Hackers often use this information to steal whatever data they can, including social security numbers, credit card data, etc. They may even be able to use it to make a targeted attack to install malware on your phone.

Whenever you get a text like this, call the company on their legitimate phone and verify with them. Never give out sensitive information through a text. Sometimes even replying to a text can be dangerous, so you should immediately delete any suspicious texts and attempt to contact the company directly.

SEE ALSO: Reverse Phone Lookup

Tips to protect your mobile device from malware

• Don’t jailbreak your device:  Jailbreaking your device removes a lot of its built-in security. While this may let you do more with your device, it also leaves it more vulnerable to attacks.  
• Use a VPN:  A virtual private network is a secure “tunnel” that lets you access and share information securely over public Wi-Fi networks. 
• Download apps only from reputable sources:  Unofficial app stores are more likely to be sources of malware-infected apps. 
• Encrypt your data:  If you have sensitive data on your mobile device, make sure it’s encrypted. It will then remain secure, even if malware steals it. 
• Do mobile vulnerability scanning:  You can’t prevent what you don’t know about. Use a vulnerability scanner like SecurityMetrics Mobile for your mobile device. 
• Update software and hardware:  Companies often release updates on mobile devices that address potential vulnerabilities. 
• Train employees:  Your employees should know about malware and taking the right measures to avoid it. Include mobile device security in your training. 
• Have mobile device policies in place:  Whether your company owns the devices, or your employees use their own, you need to have security policies set up that address the use of mobile devices. 

Even though mobile devices can be hard to fit into a traditional network or data security model, they need to be considered. It's critical to include them in your information security planning!

David Page is a Qualified Security Assessor and has been with SecurityMetrics for six years. He has over 18 years experience in network and system engineering, design, and security.

What are the 3 common types of malware?

What are the different ways to prevent the device from malware attacks?

What types of protection are there for malware?

What are 3 top anti viruses anti malwares available?