Top Mobile Security Threats 2023
Smartphones are essential because they store our communication, financial, and social information. That makes them attractive to cybercriminals. No matter which smartphone you have, whether it’s an Android from Google, Samsung, or Motorola, or an iPhone from Apple, people are always trying to find new ways to hack into these devices. Billions of people use smartphones globally, and no one is completely protected from cyberattacks. Mobile device users face various threats, such as spam, phishing, malicious apps, and ransomware. These attack techniques are becoming more advanced each year. Let’s talk about the top mobile security threats in 2023 and how to prevent them.
Mobile Security Threats
To stay safe, we should be aware of the main risks to smartphone security in 2023. Here’s our guide on understanding threats, the best defenses to avoid them, and what to do if your device is compromised. These are the main threats to Android and iOS smartphone security in 2023.
1. Phishing, Smishing, and Vishing
Phishing is a type of mobile security threat that happens when attackers send fake and fraudulent messages to trick you. Cybercriminals try to trick you into giving away personal information, clicking on harmful links, downloading and unknowingly running malware on your device, or giving them your account details for various online platforms like banks, shopping sites, social networks, and email.
Phishing can also install harmful software on your phone.
Mobile devices can be easily targeted by phishing attacks, just like PCs, through email and social network messages. Mobile devices can also be at risk of smishing, which is when phishing attempts are sent through SMS texts.
Spear phishing is a more advanced form of cybercrime. Attackers gather information about their target through surveillance before starting an attack. Spear phishing, also known as targeted phishing, usually targets important people and can be driven by financial or political motives.
Vishing, or voice phishing, is a growing attack method. Attackers use voice services to deceive their victims. It can involve using various methods like leaving voicemails, making automated robocalls, using voice-altering systems, and more to trick people into sharing sensitive information.
To stay safe: Avoid clicking on links in emails or text messages unless you’re certain they’re trustworthy. Be cautious of unexpected calls or voicemails. Consider them suspicious unless proven otherwise.
2. Physical security
We often forget to secure our mobile devices physically, even though it is an essential security measure. If you don’t use a PIN code, pattern, or biometric check like a fingerprint or retina scan, your phone could be easily tampered with. Also, if you leave your phone unattended, it could be stolen.
To stay safe: To protect your phone from mobile security threats, set a strong password or PIN. It will prevent unauthorized access to your data and accounts if your phone is lost or stolen.
To increase the chances of recovering your device in case of theft, activate the security features offered by Apple and Google. Apple’s Find My service helps locate iPhones, iPads, and AirPods. Google can also track smartphones and tablets.
3. SIM hijacking
SIM hijacking, also called SIM swapping or SIM porting, is when someone misuses a service provided by telecom companies. This service allows customers to transfer their SIM card and phone number to a different operator or device.
Usually, customers call their telecom provider, verify their identity as the account holder, and ask for a switch. Attackers can use social engineering and the personal information they find about you (like your name, address, and contact details) to pretend to be you. They can trick customer service representatives into giving them control of your phone number.
Cybercriminals can redirect your phone calls and texts to their device in successful attacks. It means that the hackers will also have access to your two-factor authentication (2FA) codes, which are used to protect your email, social media, and banking accounts, among others.
SIM hijacking is a specific type of attack that requires gathering data and physical effort to be successful. But if it works, it can harm your privacy and the security of your online accounts.
To stay safe: Protect your data by following cybersecurity best practices to prevent it from being used against you through social engineering. Be cautious about sharing too much online. If you suspect your personal information has been leaked in a data breach, it’s a good idea to request your telecom provider to add a “Do not port” note to your file. It can be done by visiting them in person or contacting them. You can use Have I Been Pwned to check if your information has been compromised.
4. Apps: Nuisanceware, premium service dialers, and cryptocurrency miners
Your mobile device can be vulnerable to nuisanceware and malicious software. These can make your device call or send messages to premium numbers without your permission.
Nuisanceware is malware found in apps, especially in the Android ecosystem. It causes your phone to behave in annoying ways. Nuisanceware is usually not harmful, but it can still be annoying and use your device’s power. You might see many pop-up ads or get promotions and survey requests. Nuisanceware can also make your mobile browser display many ads on web pages and videos.
Nuisanceware is created to make money for its creators in dishonest ways, like getting people to click on ads. Premium service dialers are worse. Apps may have hidden, malicious functions that sign you up for paid services without your knowledge. Attackers can make victims send texts and make calls to premium numbers, forcing them to pay for these services while the attackers keep the money.
Certain apps can secretly use your device’s computing power to mine cryptocurrency. Sometimes, these apps bypass security measures in app stores and have previously been discovered in official app repositories like Google Play. Cryptocurrency mining code can be hidden in apps that appear to be legitimate, like mobile VPNs, games, and streaming software.
To stay safe: Stick to downloading apps from trusted app stores. Pay attention to the permissions requested by new mobile apps, and don’t just ignore them. If your device gets too hot and the battery drains quickly after downloading new software, something may be wrong. To fix it, try running an antivirus scan and removing suspicious apps.
5. Open Wi-Fi
You can find open and unsecured Wi-Fi hotspots everywhere, like in hotel rooms and coffee shops. They aim to provide customer service, but their openness makes them vulnerable to attacks.
Your phone or computer could be at risk of Man-in-The-Middle (MiTM) attacks when using open Wi-Fi connections. An attacker can intercept your communication and steal your information, install malware, and potentially take control of your device.
Sometimes, you may come across “honeypot” Wi-Fi hotspots. These are fake Wi-Fi hotspots made by cybercriminals to trick people into connecting so they can carry out attacks.
To stay safe: It’s best to avoid public Wi-Fi and use mobile networks instead. If you must connect to public Wi-Fi, use a virtual private network (VPN). For extra security, switch to a cellular connection when using sensitive services like a banking app.
6. Surveillance, spying, and stalkerware
There are different types of surveillanceware, spyware, and stalkerware. Spyware is a type of malicious software that cyber attackers use to steal personal information and financial details.
Surveillanceware and stalkerware are usually more personal and focused. In cases of domestic abuse, a partner or ex-partner might put surveillance software on your phone to monitor your contacts, calls, and location.
Certain apps, advertised as tools for parental control or employee monitoring, can sometimes be misused to violate your privacy.
Signs of infection can include increased power usage and unfamiliar apps. On Android devices, you might see that the option to “allow/install unknown apps” is turned on. Be cautious of any unusual behavior and higher mobile data usage to avoid mobile security threats.
To stay safe: To protect yourself, use an antivirus scan to remove spyware. To protect yourself from surveillanceware or stalkerware, be vigilant for any strange or suspicious activity on your device. If you suspect you’re being watched, prioritize your physical safety.
7. Ransomware
Ransomware affects both mobile devices and PCs. It is malicious software that encrypts your files and folders, preventing you from accessing them on your phone. The attackers then ask for payment in cryptocurrency in exchange for a decryption key.
Some examples of ransomware detected in recent years are Cryptolocker, WannaCry, BadRabbit, and Ryuk.
Ransomware is commonly found in third-party apps or on malicious websites. You might encounter a pop-up asking you to download an app that looks like a software cracker or a betting app. If you download it, your device can be encrypted within a few minutes. It is less common on mobile devices than it is on computers.
If cyberattackers steal your Google or Apple ID credentials, they might use remote locking features and ask for payment.
To stay safe: Regularly update your phone’s software and keep the basic security features enabled on your Android or iOS device. Only download apps from official sources and regularly scan for viruses. If you encounter ransomware, you may have to restore your phone from a backup or reset it to its original settings.
8. Trojans and financial malware
Google and Apple have strong protections against mobile malware, which help prevent many variants from causing harm. Trojans are the most critical type of malware you should know about.
Trojans are a type of malware designed to steal data and make money. Some mobile variants are Zeus, TickBot, EventBot, MaliBot, and Drinik.
Users often unknowingly download malware, thinking it’s a harmless app or service. Once on your phone, these trojans overlay real banking app screens and capture the credentials you enter, like passwords or PIN codes.
The attacker receives this information and can use it to steal money from your bank account. Some versions can also capture 2FA verification codes sent to your phone.
Most financial trojans focus on attacking Android smartphones. iOS variants are less common, but there are still different types.
To stay safe: Update your phone regularly and activate the basic security features on your Android or iOS device. Only download apps from official repositories. If you think your phone has been hacked, take these steps:
1. Avoid using financial apps.
2. Disconnect from the internet.
3. Run an antivirus scan. If you think someone made fraudulent transactions, it’s a good idea to contact your bank and check your credit report.
9. Mobile device management exploits
MDM solutions are professional tools for businesses. MDM features can provide secure channels for employees to access corporate resources and software. It also helps spread a company’s network security solutions and scans to each endpoint device. Additionally, it can block malicious links and websites.
If the central MDM solution is hacked or compromised, it puts each mobile device at risk of data theft, surveillance, or hijacking.
MDM solutions take control away from end users, so you can’t prevent an MDM compromise yourself. To keep your device secure from the latest mobile security threats, remember to follow basic security practices. Keep your device updated and avoid storing personal apps and information on your work devices.
How can I physically protect my device?
Your lock screen is like a gateway to everything on your device – your data, photos, private documents, and apps. Keeping it secure is very important to avoid mobile security threats.
On Android devices
1. Screen lock type: You can use different methods to secure your device, such as swiping, using a pattern, entering a PIN or password, or even using biometric checks like fingerprints or facial recognition.
2. Smart lock: Keep your phone unlocked while it is with you, and choose which situations count as safe.
3. Auto factory resets: Your phone will be wiped clean if you make 15 incorrect attempts to unlock it.
4. Notifications: Choose which notifications and content are visible on your locked phone screen.
5. Find My Device: Find, lock, or erase your lost device.
On iOS devices
1. Passcode: Create a passcode to unlock your device.
2. Face ID or Touch ID: Biometrics can unlock your device, access apps, and make payments.
3. Find my iPhone: Easily find and lock your lost iPhone.
4. Lockdown Mode: This feature, called “extreme” protection, offers extra security for a select group of users at high risk of targeted attacks. It helps protect against harmful links, content, and connections. To activate Lockdown Mode on iOS 16 or newer, follow these steps.
What should I look out for as symptoms of malware infection?
If your Android or iOS device is acting unusually, it could mean that it has been infected by malware or compromised in some way. Here are some things to watch for to protect yourself from mobile security threats:
1. Battery life drain
Batteries can degrade over time, especially if you never let the battery run down or you frequently use power-hungry apps. If your phone gets hot and the battery drains quickly, harmful apps or software may be using your phone’s resources.
2. Unexpected behavior
If your smartphone is acting strange and you just installed new apps or services, something might be wrong.
3. Unknown apps
If you see software on your device that you didn’t install, it might be malware or a surveillance app installed without your permission, especially if you have allowed apps from unknown sources or have a jailbroken smartphone.
4. Browser changes
If your browser is acting strangely, such as redirecting you to a different search engine, showing unexpected pop-ups, or taking you to unintended websites, it might be a sign that your device and data are being tampered with by malicious software.
5. Unexpected bills
Scammers use premium numbers to make money illegally. If you notice unexpected charges, calls, or texts to premium numbers, it could mean these scams are targeting you.
6. Service disruption
SIM hijacking is a big problem. A targeted attack usually has a specific goal, like stealing cryptocurrency or accessing your online bank account. The first sign of an attack is when your phone service suddenly stops working, which means someone has taken control of your telephone number. If you can’t get a signal, make calls, or see a message saying you can only make emergency calls, it might mean someone has swapped your SIM card. Also, you might receive email notifications about account resets or alerts informing you that a new device has been added to your services.
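For the "Unknown apps" and "Unexpected bills" symptoms above, the following added example (not part of the original article) parses output from `adb shell pm list packages -3 -i` and the runtime-permission lines of `adb shell dumpsys package` to flag Android apps that were not installed by Google Play and the sensitive permissions they hold. The sample output, package names, and trusted-installer set are constructed assumptions.

```python
import re

# Constructed sample of `adb shell pm list packages -3 -i` output
# (third-party packages and their installers); not from a real device.
SAMPLE_PACKAGES = """\
package:com.example.bank  installer=com.android.vending
package:com.example.flashlight  installer=null
package:com.example.vpnfree  installer=com.example.otherstore
package:com.example.notes  installer=com.android.vending
"""

# Constructed runtime-permission lines as printed by
# `adb shell dumpsys package <name>`, keyed by package name.
SAMPLE_DUMPSYS = {
    "com.example.bank": "  android.permission.CAMERA: granted=true, flags=[ USER_SET ]\n",
    "com.example.flashlight": (
        "  android.permission.SEND_SMS: granted=true, flags=[ USER_SET ]\n"
        "  android.permission.READ_SMS: granted=true, flags=[ USER_SET ]\n"
        "  android.permission.CALL_PHONE: granted=false, flags=[ USER_SET ]\n"
    ),
    "com.example.vpnfree": "  android.permission.ACCESS_FINE_LOCATION: granted=true\n",
}

# Assumption: only Google Play counts as a trusted installer here.
TRUSTED_INSTALLERS = {"com.android.vending"}

# Granted permissions mapped to the threats this article describes.
RISKY = {
    "android.permission.SEND_SMS": "premium SMS charges",
    "android.permission.CALL_PHONE": "premium-rate calls",
    "android.permission.READ_SMS": "2FA code capture",
    "android.permission.RECEIVE_SMS": "2FA code capture",
    "android.permission.ACCESS_FINE_LOCATION": "location tracking",
}

PKG_RE = re.compile(r"^package:(\S+)(?:\s+installer=(\S+))?")
PERM_RE = re.compile(r"^\s*(android\.permission\.\w+): granted=true\b", re.M)

def parse_installers(text):
    """Map package name -> installer (None when no installer is recorded)."""
    result = {}
    for line in text.splitlines():
        m = PKG_RE.match(line.strip())
        if m:
            installer = m.group(2)
            result[m.group(1)] = None if installer in (None, "null") else installer
    return result

def audit(packages_text, dumps):
    """Return findings for apps that did not come from a trusted installer."""
    findings = []
    for pkg, installer in sorted(parse_installers(packages_text).items()):
        if installer in TRUSTED_INSTALLERS:
            continue
        granted = PERM_RE.findall(dumps.get(pkg, ""))
        risks = sorted({RISKY[p] for p in granted if p in RISKY})
        findings.append({"package": pkg, "installer": installer, "risks": risks})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_PACKAGES, SAMPLE_DUMPSYS):
        print(f"{f['package']}: installer={f['installer'] or 'unknown'}; "
              f"risks={', '.join(f['risks']) or 'none found'}")
```

A flagged app is a candidate for review, not proof of malware: legitimately sideloaded apps appear in the same list.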
What about government-grade mobile malware?
Sometimes, there are news stories about malware that targets businesses and government organizations. There are different kinds of spyware, like Pegasus and Hermit, that are used by law enforcement and governments. These tools are used to monitor various individuals, including journalists, lawyers, and activists.
In June 2022, Google researchers warned about a spyware called Hermit that targets iOS and Android devices. This spyware is advanced and takes advantage of previously unknown vulnerabilities. Attackers are actively using it. Government employees from the US working overseas have been attacked by advanced mobile malware.
This kind of malware tries to take control of devices and collect all the information about a person’s digital life, such as their calls, messages, logs, photos, and GPS location. The chances of you being targeted by expensive malware packages are low unless you are a high-profile individual of interest to a government or organization willing to go to such lengths. You are more likely to be targeted by phishing, generic malware, or friends and family members using stalkerware against you.
What should I do if I think my Android or iOS phone is compromised?
If you think your Android or iOS device has malware or has been compromised, take immediate action to protect your privacy and security. Here are the steps to consider:
1. Run a malware scan
Make sure your phone has the latest operating system and firmware updates. These updates often fix security issues that could be used by attackers or malware. Both Google and Apple provide security protection for users, but it’s still a good idea to download a dedicated antivirus app. You can choose from Avast, Bitdefender, or Norton. Using the free versions of these apps is better than having nothing at all.
2. Delete suspicious apps
Removing unfamiliar or unused apps may not guarantee complete safety from mobile security threats, but it is a good practice to delete them. Deleting the app can fix your phone if it has nuisanceware. Avoid downloading apps from unknown developers outside Google Play and the Apple Store. Stick to trusted sources.
3. Revisit permissions
It’s essential to review the permission levels of apps on your phone from time to time. If an app’s permissions seem too extensive for its functions or utilities, consider revoking them or deleting the app. Remember that certain developers, particularly in the Android community, may initially provide useful utilities and apps on Google Play but later turn them into malicious software.
Legitimate apps can unexpectedly change and lose their legitimacy. In 2021, a barcode scanner developer released a harmful update that took control of many devices simultaneously.
4. Tighten up communication channels
Avoid using open, public Wi-Fi networks unless necessary. Stick to using mobile networks and disable Bluetooth, GPS, and other features that can transmit your data if you don’t need them.
5. Premium service dialers
If you have received unexpected bills, check your apps and remove anything suspicious. To block premium numbers and SMS messages, contact your telecom provider and request the service.
6. Ransomware
If you’ve been a victim of ransomware and can’t access your device, there are a few options available.
1. If you discover the ransomware before your device gets encrypted and a ransom note appears, disconnect from the internet and any other connections, including wired links to other devices. Then, start your smartphone in Safe Mode. To prevent major damage, try deleting the problematic app, running an antivirus scan, and cleaning up your device.
2. If your phone is locked, your options are limited. Removing the malware is only a partial solution.
3. To find out which ransomware is on your phone, you can use a decryption tool from the No More Ransom project. You can give information to Crypto Sheriff, and researchers will help identify the type of malware you have for free.
4. If things go bad, you may have to do a factory reset. Stopping ransomware prevents further spread, but it won’t recover encrypted files. If you regularly back up your data, you can quickly restore your device after performing a reset. Paying a ransom doesn’t guarantee unlocking your phone or decrypting your files.
7. Stalkerware, Surveillanceware
Mobile security threats like stalkerware or surveillanceware can be challenging when you realize or suspect you are being targeted. If you have basic spyware on your device, Google, Apple, or an antivirus app can detect and remove it for you.
But what if someone close to you, like a partner, is keeping an eye on you, and you attempt to delete a stalkerware app from your phone? If that happens, they will either be alerted directly or realize it when they stop receiving your information.
If removing these apps puts your physical safety at risk, it’s best not to try to remove them. Some spyware can cause significant damage to a phone, allowing the operator to reinstall it remotely. In such cases, the only viable option is to either dispose of the device or keep it for law enforcement purposes. Contact an organization that can help, use a disposable phone, and prioritize your physical safety.
8. SIM hijacking
If you think you’ve been SIM-swapped, act quickly to minimize the damage. To get your service back quickly, start by calling your telecom provider. However, be prepared for the possibility of being put on hold for a while, which can be frustrating. Alternatively, visit your carrier in person at their store.
SIM swaps can happen to anyone, even if you think you’re safe. Customer service reps might not know how to spot them, and hackers might have enough of your info to pretend to be you.
To reduce the risk, connect your essential accounts, financial services, and cryptocurrency wallets to a private phone number instead of a publicly known one. Using a pay-as-you-go number is a good idea. If your personal or work numbers are hacked, the chances of theft are reduced.
No matter which mobile device you use, whether an iPhone or Android, your phone is a target for bad actors every day. Stay safe and protect yourself from mobile security threats! Here are the most essential phone security measures today and how you can protect yourself.