How to protect yourself from mobile malware

Expressions such as “remote work” – which refers to employees who have the freedom of working wherever they want thanks to the possibility of working with portable devices – have been widely used even before the new coronavirus (SARS-CoV2) pandemic. With the COVID-19 crisis and more people working from home, professionals have become even more “mobile”. Most companies now allow employees to choose between moving around at the office, working from home, and so on.

Make no mistake: we are not here today to discuss the advantages and disadvantages of this hybrid format of work, but to warn you about a growing threat that is causing concern. With more professionals using their smartphones to access and even store sensitive corporate data, it did not take long for cybercriminals to realize that mobile devices (not just smartphones, but also tablets) have become excellent targets.

The amount of malware and attack procedures that only target mobile devices increases every day, and, considering the exponential increase in the computational capacity of these small gadgets, they should become even more useful for work, capable of storing an even greater amount of information, and thus an increasingly coveted invasion vector. That's why it's crucial that everyone — even end users, who end up being caught in the crossfire — knows how to protect their devices from these risks.

Basic tips

First of all, it is important to note that, here, we will not make distinctions between operating systems. Enough has been said (some reasoned, some not) about whether an iOS device is more secure than an Android device or vice versa. Ultimately, both of the leading operating systems can be victims of attacks, and therefore it is necessary to think about the mobile malware threat in a much broader way, including all types of users.

The first golden tip is a bit of a cliché, but clichés are always good precisely because they are functional: keep everything up-to-date! Most breaches in security that attackers take advantage of are based on vulnerabilities in the operating system or in a particular application. Developers often fix these bugs, but the Internet user ends up leaving the update aside. It is important to install all updates to ensure that these security breaches are properly handled.

And speaking of apps, be careful with these, too. Only download apps from trusted sources, as there is a huge amount of malicious and false software on the web. And, even when downloaded from an official store, pay attention to the permissions that the application asks for: a calculator doesn't need to access your camera, nor authorization to read and write data in your smartphone's memory. If you notice that any program is too “eager”, be suspicious.

Antivirus software: are they enough?

You thought we wouldn't talk about antiviruses, didn't you? Well, of course, a good security solution can make things easier for you, but these apps alone are not enough to protect you, especially if you are not properly aware of the threats we encounter in our daily lives. As usual, social engineering is a cybercriminal’s favorite trick, even for mobile malware.

This means that opening that suspicious link that you received via SMS, in your email, or on a WhatsApp chain completely invalidates the effectiveness of an antivirus. As always, the biggest defense against cybercrime is awareness. Be sure to be careful when browsing the web on your mobile device and think twice if you find something strange!