That’s why the occurrence of attacks and exploitation of smartphones are also on the rise. According to Kaspersky Lab, they found 1 million devices infected with 3.5 million malware installed in the devices. Were you aware of that? If yes, good for you. But for those who had no clue of the information that was just passed, this is for you. The best way to prevent your device from being infected or exploited is to be aware. Aware of the different ways you and your device can be exploited. Generally, the security threats and risks come from unsecured networks, vulnerable and under-developed apps, and of course, the web. You should also consider physical threats since smartphones are easily stolen and that leaves your data open once your phone has been unlocked.
Network-based Threats
If you’re someone that uses public Wi-Fi a lot, in fact, if you’re reading this on a public Wi-Fi, the first and foremost question is are you using a VPN? If not, go to the Playstore, download a VPN, and come back to reading this.
1. Network Spoofing
Public networks leave you extremely vulnerable to security threats. Someone can pretend to be the coffeeshop Wi-Fi connection or the library or any Public Wi-fi Connection. The thing is, they will do this very convincingly that you won’t notice at all. There would be login portals and the works. This is called Network Spoofing and by doing this, hackers can steal all the incoming and outcoming information your device has. Another possibility is, they can steal information on your phone. A VPN will not protect against this kind of threat, awareness is the only solution. If the SSID looks different than usual, or the login portal asks for passwords, take a second and verify if you’re in the right network. Ask somebody from the place to verify the network that you’re on.
2. Wi-Fi Sniffing
After ensuring you’re not a victim of network spoofing. You’re going to need protection against another type of network threat. Wi-Fi sniffing is eavesdropping on a network that’s usually done with the intent to find and get your unencrypted traffic. Anyone with a computer or smartphone can sniff a network. Wi-Fi sniffing tools are widely available over the internet. To protect your data, install a VPN. That’s it. If you’re having a hard time choosing one, here are the Best Free VPN Apps for Android
App-based Threats
Other than poorly made apps that expose users(We’ll get to that) most of the app-based threats heavily rely on Social Engineering. Like, downloading apps outside of the Playstore, clicking shady links that came from random people or even people that you know. Or, apps that were installed by people without your consent.
3. Phishing Apps
There are a lot of sources where you can get your applications. Do not do this unless you know what you’re doing. Unofficial apps can contain scripts that mine your information like your location, contacts, files, and your dirty secrets. Phishing apps can contain these scripts and pretend like it’s Facebook, Twitter, Or Instagram by mimicking its user interface. That way, when you login, your email, and passwords are sent to the attackers. Attackers won’t only mimic mainstream apps but any app at all. Depending on the app, Phishing apps can get personal information to financial information. To protect yourself from this, only download apps from the Playstore. Google implemented the Google Play Protect to monitor apps if they’re malicious.
4. Phishing Scams
Even if you’re using the legitimate apps, you can still be reached by Phishing Scams. Have you ever received a message on Facebook, Twitter, Instagram, or E-mail that came with a link encouraging you to click them? They are bots that are trying to phish valuable information from you or once you’ve clicked the link, there are a lot of consequences. This is a very old trick in the book. Since the web started, phishing has already scammed millions of people. You just need to be aware to protect you, your information, and your device from this threat. Here is some recent news in Phishing.
5. Spyware
There are threats and risks everywhere and most of the time you can protect yourself from them. To do so, you’ll need to be aware of the threats. Spywares are great at hiding and being inconspicuous. That’s why it contains the word “spy” in it. Spyware is an app that could be installed without your consent. Usually, spouses are the ones that install this type of application to your phones intending to monitor your every move, transactions, and messages. Now, this is the best-case scenario at the very least your information is not collected by a stranger. If it was a stranger, then the risk is much higher. Being infected by spyware is usually a consequence of another threat. They could be installed over an unsecured network, hidden within the app you installed, or a link that did a drive-by download and automatically installed it on your device. To protect yourself from spyware, install a powerful antivirus on your devices. For your spouses, regain that trust and make a stronger PIN or pattern for your phone. For more info on spyware, here’s what you need to know about Android Spyware.
6. Vulnerable Applications
Apps on the Playstore are protected by the Google Play Protect as it was mentioned earlier in the article. But, that doesn’t they can’t be used to exploit your devices. They may not illegally steal data from you or install another app without your knowledge. But, poorly made apps that use encryption with vulnerabilities. Leaving your passwords or information with the possibility of being cracked and stolen. A lot of apps use “tokens” that they issue for user authentication. Now, well-developed apps generate new tokens for every new session and make sure that tokens are stored carefully, and no one has access to it. If an app mishandled the tokens, this can be exploited in many ways. One example is, hackers can pretend that they’re the user using the token.
7. Cryptojacking
With the rise of cryptocurrency, this new type of attack comes with it. Hackers use your phone for cryptocurrency mining without your knowledge. Cryptocurrency mining requires a lot of computing resources. Now a single smartphone or even 100 smartphones won’t be enough to efficiently mine cryptocurrency. But as I’ve mentioned, by 2020 75% of the population will have access to a smartphone. Hackers are trying to gain access to that pool of smartphones and use their computing resources for cryptocurrency mining efficiently. So be aware of this and one symptom that your phone is being used for cryptocurrency mining is performance degradation.
Physical-based Threats
8. Lost or Stolen Devices
This is a possible threat to all devices. Having physical access to your device is the easiest way to gain your information. Making their physical security something you should always assure. With the event of losing or being stolen, there are ways to secure your device to prevent your information from being stolen and possibly getting your device back.
Most of it depends on You
Most of the threats are avoidable if you’re aware of them. Once you’ve done your homework on preventing them, you can sit tight and relax knowing you, your information, and your device is safe. Stay vigilant and think twice before providing any information. Nothing important can be stolen if there’s nothing important in the first place. I hope you’ve learned something new and if you have any other questions leave it at the comments below. Featured Image
