COVID-19 has changed the way teams relate to each other. This new situation also causes all types of devices, corporate and personal (BYOD) to be used, forcing IT security teams to face a new scenario in a very short time.
There are new sources indicating the growth of mobile device threats during covid-19:
- The report “Mobile Cyber Security & Fraud Threat Observations and Incidents”, released by the Fraud and Security Group Management Team (FSMT) of the GSMA, looks at several of the fraud and malware campaigns that have been launched taking advantage of covid-19. Among others, they mention smishing attacks, mobile malware, including a trojanised version of the ‘Corona live’ application, containing the SpyMax spyware, malicious applications with COVID-19 themes, Vishing and Telephone-based scams and robocalls.
- The FBI insists on the need to be especially careful during the COVID-19 pandemic as they have detected an increase in financial fraud campaigns, especially when children stay home and spend a lot of time with mobile devices, exposing them to a greater risk of exploitation.
Europol, the European Union’s law enforcement agency, states that “Criminal activities appropriating the COVID-19 outbreak have also gone mobile”, and providing information about how to avoid them.
As detailed by the BBC, Google blocks more than 100 million phishing emails daily, of which a fifth -18 million daily emails, correspond to malware and phishing related to COVID-19 scams. As an example, a malicious Android app has been detected to help track the development of the virus, but instead infects the phone with ransomware and demands payment to restore the device.
Related to this, at Samoby we have also observed:
- The appearance of new threats on mobile devices taking advantage of the new scenario generated by covid-19. In fact, hundreds of apps had been removed from google play store and apple app store for this reason.
Urgency in adopting new strategies to protect workers while doing the job remotely, like VPN, but not being always the right or unique solution, as will be described below more in detail.
The need to have a clear strategy regarding security on mobile devices used by workers.
As said, adopting VPN urgently to secure remote access is not the only or the unique right decision:
- VPN technology cannot detect or protect against malware or phishing threats on devices.
- VPNs downgrade significantly the device performance, and this causes many users to bypass them, breaching basic security standards..
- Many users and even organizations use free VPNs, which pose a great security risk, since they send traffic through unidentified servers or in areas where the laws protecting the privacy of users are weak or non-existent.
- Almost all current VPNs for mobile devices only route the traffic for a specific app, exposing the device to attack risks.
The use of VPN must be complemented with a MTD (Mobile Threat Defense) solutions such as Samoby, offering protection from all mobile threats in real time, locally on the device.
Samoby detects and prevents attacks on the same device and in real time, with no need to send information or redirect traffic to third parties. Samoby preserves the privacy of the user.
In addition, it performs real-time analysis and provides protection from the perspective of network communications to detect and prevent mobile phishing, threats that can appear through mobile apps, and from the vulnerabilities of the device itself.
Samoby can help you protect your employees’ devices, both corporate or BYOD. You can contact us here, to understand in detail all the advantages and solutions that we can offer you to secure your mobile devices.