While security software is commonly used on laptops and desktops, the majority of today’s mobile devices remain devoid of security protection and are exposed to a new and growing breed of mobile malware. Malware may result in device or data corruption, data loss, the unavailability of necessary data and more.
Mobile malware is different from PC malware in that it doesn’t spread randomly via unknown sources or random phishing emails. Instead, mobile malware is actively installed by users who download and install infected apps from an app store, either Apple’s or the various Android stores. The attacker convinces the store that the app is legitimate, and it performs as expected while it gains a fan base. Soon after, it begins its malicious behavior. As with PC malware, the authors of malicious mobile apps are all about making money.
Follow these tips to protect your mobile device, data and privacy against the growing mobile malware threats.
- Ensure that you use the following three core components to secure your mobile device. When combined, they provide a significant challenge for hackers:
- Device auto-lock: Configure your device to lock automatically after a period of time. Only those with knowledge of the passcode can unlock the device.
- Device encryption: Protect your mobile device by preventing access from intruders, eavesdropping or interception of data in transit by using encryption technology.
- Remote wiping: Install remote locate, track, lock, wipe, backup and restore software to retrieve, protect or restore a lost or stolen mobile device and the personal data on that device.
- Do not circumvent or disengage security features such as passcodes and auto-locks.
- Set the device to lock after a set period of inactivity. A recommended inactive period setting is 10 minutes or less.
- Ensure that you have GPS device location in the event of theft or loss.
- Use caution when downloading apps and free software, especially from unsanctioned online stores.
- Install an on-device personal firewall to protect mobile device interfaces from direct attack.
- Install anti-spam software to protect against unwanted voice and SMS or MMS communications.
- Install real-time anti-malware technology via cloud services that continually analyzes and re-analyzes websites and mobile applications. Protect against malicious applications, spyware, infected secure digital (SD) cards and malware-based attacks.
- Turn off “beaming” (infrared data transmission).
- Turn off the Wi-Fi when you’re not using it; and avoid using public, unsecured Wi-Fi hotspots.
- Before discarding any mobile device, make sure it is wiped clean and restored to factory defaults.
- Threats to mobile devices are pervasive and escalating. Through malware, loss and theft, misconduct, and direct attacks, users are increasingly susceptible to devastating compromises of mobile devices.
- Don’t not let your mobile devices be used by children, who frequently download cool-looking but unknown free apps that might be malicious.