Historically, cyber attackers would infect desktop operating systems with malware. However, that’s not the only risk today. As more users transition from desktop to mobile as their primary form of computing, cyber attackers have taken notice and developed mobile malware.

Below, we explain mobile malware, the risks involved and how you can keep your sensitive business data safe from hackers.

What is Mobile Malware?

Malware is short for malicious software and has been around as long as computers. Mobile malware is software designed to compromise mobile systems, such as smartphones and tablets. The malicious code is usually hidden and downloaded inadvertently onto a user’s device. Then, hackers use the mobile malware to access sensitive data stored on your phone. This can include anything from customer identities to bank information. Here are some of the different types of mobile malware:

  • Adware is an Internet ad laced with hidden tracking components that gather user-activity data. Adware is often delivered via a pop-up ad or banner that activates once clicked.
  • Bank trojans are typically disguised in authentic looking apps. Once downloaded, attackers attempt to access information from your legitimate banking app.
  • Ghost pushes are when hackers target devices with malware masked by normal-looking updates. Users update the device, and the virus is “pushed” onto it.
  • Keyloggers are a type of software used to secretly monitor your keystrokes to capture passwords, account numbers and personal information.
  • Ransomware encrypts your mobile data and holds it hostage until the user pays a “ransom” to the hacker.
  • Trojan viruses may be disguised as legitimate software. They can deliver other malware, or provide a backdoor for hackers to gain unauthorized, remote access.

How Can You Get Mobile Malware?

The risk of mobile malware is greater than ever because manufacturers are so focused on time to market (TTM) for new products, and often fail to patch legacy ones. They may overlook mobile security features needed to keep your business information safe. The following are common ways you or your employees can contract mobile malware on your device:

  • Downloading malicious apps is the most common way to get mobile malware. Legitimate looking apps may conceal malware that activates after being downloaded onto your smartphone. Avoid downloading apps you don’t need, and apps of any kind from unofficial app stores.
  • Opening questionable emails with a link to a malicious site is another common way hackers can steal your business data. Employees often check their work email through their smartphones and could easily click on an unsafe link. Look out for random emails with subject lines, such as “you’ve won a contest” or “a free trip.”
  • Accessing insecure networks/websites exposes sensitive data transmitted from your device. Public networks leave your mobile device more vulnerable to data interception and other attacks.

What Can You Do?

Although it might seem like mobile malware is everywhere, there are effective steps you can take to keep your business data secure.  

  • Use a Virtual Private Network (VPN). VPNs add security to public networks by encrypting the communications between the device and a VPN provider (or your corporate network). This will help protect your business’s data if employees are working remote or away from the office.
  • Use strong passwords, enable multi-factor authentication, and apply patches on all of your devices. This reduces the risks of keyloggers and similar malware.
  • Encrypt your data. This will make it more difficult for cyber criminals to extract and utilize valuable business information.
  • Train employees on safe cyber security practices. Develop a mobile cyber security policy that requires employees to set passcodes, lock devices and limit public Wi-Fi.
  • Restrict access to certain networks and capabilities. Ensure only authorized employees have permission to use your business network. Install a second network for guests. Also, work with your IT department to set restrictions that limit app downloads to authorized app stores.
  • Consider mobile device management software. These solutions provide an extra layer of protection and remote management options for your devices.

You work too hard for your valuable business data to be stolen. Maintain cyber security best practices to ensure you and your business are secure.