New research by Bitdefender shows mobile users are reluctant to use a dedicated security solution on their phone. Most of those who refuse to install an antivirus, for example, say they don’t need it, that their phone comes with security, or that malware in general doesn’t target smartphones. The reality, though, is quite different. And malware is just one of many threats to smartphones. Today we’ll look at three omissions smartphone users typically make in terms of cybersecurity.
Nowadays we have free WiFi everywhere. Public WiFi networks are typically open to everyone, and their security isn’t exactly bulletproof. A WiFi network is considered unsafe when the network doesn’t require a password to join and belongs to a public place like a hotel, airport, restaurant, coffee shop, mall or lounge.
The network is also considered unsafe if it uses obsolete or weak security or encryption protocols, but those configurations are typically completely overlooked by users who simply want to save up their internet plan and make the most of the free WiFi ‘fountains’ scattered throughout the city.
Networks in places like airports, lounges, hotels, restaurants and shopping malls are easy targets for bad actors trying to capture and exploit your traffic. In some instances, criminals will actually set up a free WiFi network as a trap to steal your credentials, credit card data, personal information, etc. Using a VPN helps, but still you should never access sensitive information or shop online using a free / public WiFi network.
Poor passcode hygiene
It’s long been known that people favor simple, easy-to-remember passwords. And who can blame them. Today’s bare minimum requirement is at least eight characters, upper and lowercase letters, and at least one number. Some services even demand you throw in a special character like #,$,%, etc.
Our mobile phones are less demanding when it comes to setting up a passcode to unlock it. Typically the minimum requirement is a four-digit code without letters or special characters. So you’d think people get at least this one right … right?
Well, a Bitdefender survey conducted by iSense Solutions shows 8% of respondents admitted to using a simple passcode like 0000, 1111, 2222, 3333, etc. Another 8% use the all-too-common 1234. 6% use 1122 or 1133. In fact, 11% don’t even use a passcode to lock their smartphone. Half also said their phone is their main device for personal online activities.
An easy-to-guess passcode leaves your device extremely vulnerable to intrusion. You have no excuse to make it easy for others to access your device. Even if many of us rely on biometrics to unlock our phones, there are still times when that passcode comes into play – like when you reboot the unit, or when the device fails to recognize your fingerprint multiple times in a row. If someone steals your phone or you misplace it, you’ll wish you had made it harder for others to get into it.
Refuse to employ a security solution
For half of Internet users, a smartphone is the device most often used for personal activities, with use highest among those up to 44 years of age, our survey shows.
61% percent surveyed have suffered at least one threat in the past year, with scam messages/call scams cited by 36% and phishing by 23. As we’ve noted in the past, smartphones are just as vulnerable to social engineering as computers. In fact, if we add smishing (phishing via SMS) and call scams into the mix, smartphones are actually the more vulnerable platform.
Our research also revealed that 15% of users have no security product or service on their most-used devices for personal online activities, with mobile phones more exposed than other devices. Some 30% of users refuse to employ an antivirus on their mobile device (either phone or tablet). People say they don’t need such a product, either because they don’t trust AV vendors, they believe the solution is difficult to handle, that it’s too expensive, or because the phone – 7% believe – is immune to malware. And the list goes on.
Malware is, in fact, ever-present in the mobile threat landscape – especially on Android-powered devices. Trojans, keyloggers, stalkerware, spyware and screen lockers systematically crop up on Android devices, through unofficial app stores or even on the more-vetted Google Play store.
iOS may not be as exposed to malware as Android, but iPhone users are just as vulnerable to data exposure and theft, account takeover and eavesdropping, fraud and phishing scams, to name a few of the most common threats.
Bitdefender Mobile Security for iOS and Android protects your personal data (passwords, email address, social and financial information), gives you instant alerts whenever an incident is prevented, and checks your online accounts against data breaches to inform you what passwords you need to change ASAP. It notifies you about webpages that contain malware, phishing or fraudulent content. And you can remotely locate, lock and wipe your device in case of loss or theft. Last, but not least, you get a secure VPN so you can stay nimble, anonymous and safe on the web.