Mobile malware is a term that effectively describes the same thing as conventional malware, but in the context of mobile devices like smartphones and tablets. If you have an Android smartphone or an Apple iPad, for instance, your mobile device can be threatened and infected by various types of malware.
The FBI Warning
Problems associated with the rise of mobile malware have become so much of an issue that the FBI issued a warning to users of mobile devices in October of 2012. The warning urges mobile users to be vigilant in protecting themselves against mobile malware that could compromise the security of their devices.
The warning cites two specific versions of malware called Loozfon and FinFisher.
- Loozfon steals information, like contact details, from the user's address book.
- FinFisher is spyware that can take over the components of a mobile device, granting the criminal the ability to remotely control and monitor the infected device.
These are just two examples; there are many other versions of mobile malware making their way through the Internet.
How to Protect Against Infection
The FBI warning about the increased risk and prevalence of mobile malware was issued by the Internet Crime Complaint Center (IC3). In that warning, the IC3 offered several safety tips for protecting yourself against mobile malware attacks and infection.
- Install a mobile security app: Just as you should have an antivirus and anti-malware software on your computer, the same is becoming true for mobile devices. AVG is one of the bigger antivirus companies on PCs, but they also have an Android app and an iPhone app that can help to protect you from harm.
- Utilize encryption if available: If you go through the security settings on your smartphone or tablet, you may be able to find an option to encrypt all the data. This can be used to protect your personal data if the device is lost, stolen or compromised.
- Be wary of app permissions: Each time you install an application on an Android device, for example, you will be given a list of app permissions. These may include being able to track your location, as would be the case with apps like Foursquare. If you are installing an unfamiliar or less popular application, be careful about granting permissions. They could be used as an exploit to compromise the security of your device.
- Protect your device with a password: All smartphones and tablets allow you to set some sort of password or passcode for the home screen. This is far more secure than the ubiquitous "swipe to unlock" feature. With a password, if the phone is lost, stolen or compromised, the thief will have to get past this added security measure to access your information.
- Avoid jailbreaking and rooting: Many people choose to jailbreak their iPhones or root their Android smartphones, so that they are able to tweak their devices or install unauthorized and unsigned applications. However, jailbreaking and rooting will also remove certain restrictions that have been imposed by the device manufacturer that may be in place to protect you from attack. This can expose security vulnerabilities.
- Beware of dangerous links: Just as you should be wary of suspicious links sent via e-mail or instant messenger on your computer, the same should be true about links you find on your smartphone or tablet. These can lead to the installation of mobile malware, viruses, and other malicious content on your device.
- Keep up with software updates: While the software or firmware updates on your mobile device can add new features or improve performance, they can also patch discovered security exploits and backdoors that hackers may be trying to use. By keeping up with these updates, you give yourself the best chance at staying as safe as possible.
Mobile Malware Can Wreak Havoc on Your Device
Mobile malware can have several malicious objectives:
- Steal usernames and passwords
- Retrieve geolocation information
- Steal contact lists
- Send rogue text messages and e-mails
- Install unauthorized apps and software
- Steal banking and credit card information
- Take over control of the smartphone or tablet
Mobile Malware Risk Factors
The risk factors associated with mobile malware are much the same as the risk factors associated with smishing scams, which are like phishing scams perpetuated via text messages. Some common risk factors include:
- Installing unauthorized or unsigned apps and software on the mobile device
- Having a jailbroken, rooted, or otherwise altered version of the mobile device
- Utilizing unfamiliar and potentially unsafe wireless access points
- Using a device with a more open platform, like Android, rather than one that uses a more closed platform, like iOS
- Authorizing applications to have increased permissions on the mobile device
Be Mindful of Mobile Risks
People have come to view their smartphones and tablets as very personal and secure devices, but that isn't necessarily the case. With a persistent connection to the Internet and the ongoing installation of new apps, the risks of mobile malware are greater than ever. While you can never been 100% secure, using common sense and following the tips described above should help to minimize the risk of a malicious attack on your mobile devices.