The University of Texas at Dallas
close menu

Information Security

Are Mobile Devices the New Target?

Renee Stone
February 22, 2022

Mobile phones provide convenient and instant access to technologies like email, IoT, applications, and much more. Unfortunately, mobile security hasn’t been given as much attention as some of the more established technologies. For example, Chivaroli & Assoc. Insurance Services states that technical security measures such as firewalls, antivirus and encryption aren’t as standardized on mobile phones. Meanwhile, criminals see mobile devices as prime targets due to the vast amounts of valuable, private information that can be taken from each device. With more employees working remotely, more mobile devices are also being used as a vector to attain company data or infiltrate company networks. The criminal’s attacks are not unlike traditional attacks; hackers continue to deceive users by sending malicious links and/or malware via text messages and emails disguised as normal communication.

When mobile devices are used for both personal and business-related activities, it is important to take your time and keep distractions to a minimum. Just like the “clean desk” practice, keeping distractions to a minimum will help establish the framework and mindset needed to protect yourself from the growing number of mobile attacks. For example, hovering over a link on the computer can help you determine whether the link leads to a malicious address, but lots of modern phones still lack the capability to see a link before clicking on it. Moreover, the address bar in mobile browsers is often not visible, so you might not know that you are at a malicious website if you are not being vigilant.

Here are some quick tips for reducing risk surface:

  • Remove apps from your phone you don’t need, adjust permissions for the ones that you do. You can probably trust the application but if that vendor loses their data, your data is at risk as a result.
  • Adjusting your notification settings will reduce distractions, allowing only important individuals and applications to notify you. It can be easy clicking on something by accident.
  • Turn off Bluetooth when not in use. This helps to avoid secret connections by hackers who ‘scrape’ your data via software vulnerabilities that haven’t been updated and patched.
  • Never leave your mobile device unattended. A physical attack on the device by plugging something into it is the easiest thing for a hacker to do.
  • Use two-factor authentication so that attackers have to find your password AND intercept the second factor authentication message. This adds a layer of complexity that most hackers can’t deal with.
  • Use a password manager to create and store randomly generated passwords. If a vendor gets hacked and loses your information, then the hacker will be unable to reuse your password on other sites.