How Are Organizations Attacked via Mobile?

Samoby ranked attackers preferred attack vectors when trying to compromise a mobile device, based on the number of attacks that has been detected over the last months, and here are the results.

Mobile Phishing

By large the most frequent attack consists in making you believe you are dealing with someone you trust, such as a bank or your preferred eCommerce site, etc. sending you a fake email, sms or a similar app or website, and ask you to enter your credentials.

Rogue Wi-Fi

A rogue Wi-Fi access point, usually looks like a familiar Wifi such as the one you connect to in your favorite coffee shop, but is actually a fake one. Once a device connects to that Wi-Fi, the attacker can spy your internet traffic, redirect you to a phishing site or make you to install malware.

Zero day Exploit

These kind of attacks are the most dangerous, and are usually aimed at specific people, such as company executives. They use OS or App vulnerabilities that are not known by anyone (Zero day vulnerabilities) except the attacker.

Malicious App

This kind of app might look innocuous, and be useful to the user (Flash Light, Sport results, Games,…) misleading them to install it, but hide spyware or phishing features that might steal your personal info or credentials. Many of them make their way in official app stores without google or Apple noticing it.

App and OS Exploit

OS or App exploits can give the attacker access to device information without user consent bypassing normal security and permission checks. It uses APP or OS vulnerabilities, when using not up to date app/OS versions.

How to Secure Mobile Devices

Mobile devices are now ubiquitous – used an average of over an hour per day – and are increasingly the preferred communication tool for calls, mail, chat, and corporate apps. What can be done to protect what is becoming organization main working tool?

The solution must deliver the following:

  • Detect and block phishing attempts
  • Detect and block traffic interception in public networks
  • Ensure device integrity, detecting inappropriate OS modifications or configurations
  • Check all apps for leaky/malicious behavior
  • Prevent unauthorized camera/mic access
  • Detect unusual data traffic volume or remote connections

 

Samoby delivers enterprise class mobile security for all of your iOS or Android devices.