Varun Vohra
With the continuous and fast paced evolution of smart phones and its ease of use due to availability of countless mobile apps, the mobile threat landscape has grown multifold. Today person of every age group from children to elderly, use their mobile devices for a number of day-to-day activities like online shopping, utility bills, games, banking etc. all through the available pool of mobile apps. As a result this area is of key interest for the bad actors. There has been a dramatic increase in the mobile malware all through some sort of malware embedded in legit looking mobile apps. App stores are quick to remove the malicious apps but still bad actors are smart enough to sneak through some malicious apps which once downloaded lands up on the mobile devices.
Such apps then have access to personally identifiable information (PII), user activity, photos and even the call or text functionality within the phones. Such risks are not only limited to regular users but also pose bigger threats to organizations today as company email and data is accessible over the phone these days. Therefore, it requires a new way of thinking to protect mobile devices and address the growing security concerns.
According to the subject matter expert, regular users need to raise their awareness around mobile apps and the evolving risks which will help them differentiate between legit mobile apps and the malicious ones. Apps which are well-known should be trusted before any other app even if the other one is free.
A number of phishing texts or emails with links are sent by bad actors and one should not fall into their trap by clicking such links as it may breach the security of the phone. Similarly, organisations need to shift their way of thinking to embrace mobile devices and the use of mobile apps by complying with the internal policies and security requirements.
At the end of day it will always be like a cat and mouse chase with security leading or trailing the race at times. Right level of awareness amongst us is a perfect security tool which can boost the defense not only for our personal devices but also for the organisations.
