Please enable JavaScript.
Coggle requires JavaScript to display documents.
MOBILE DEVICE THREATS (Data Leakage (Mobile apps are often the cause of…
MOBILE DEVICE THREATS
Data Leakage
-
. These are typically free apps found in official app stores that perform as advertised, but also send personal—and potentially corporate—data to a remote server, where it is mined by advertisers or even cybercriminals.
-
Unsecured Wi-Fi
No one wants to burn through their cellular data when wireless hot spots are available—but free Wi-Fi networks are usually unsecured.
only use free Wi-Fi sparingly on your mobile device, and never using it to access confidential or personal services, like banking or credit card information
Network Spoofing
when hackers set up fake access points (connections that look like Wi-Fi networks but are actually traps) in high-traffic public locations such as coffee shops, libraries and airports.
cybercriminals give the access points common names, like “Free Airport Wi-Fi” or “Coffeehouse,” which encourage users to connect.
to using caution when connecting to any free WiFi, never provide personal information, and if you are asked to create a login, always create a unique password, just in case.
Phishing Attacks
-
According to CSO, mobile users are more vulnerable, since they are often the first to receive legitimateseeming emails and take the bait.
Email monitoring is crucial. Never click on unfamiliar email links. On a smaller mobile screen, they can be even harder to verify. Always enter URLs manually to be as safe as possible.
Spyware
According to eWeek, while many mobile users worry about malware sending data streams back to foreign powers or international cybercriminals, there’s a key threat closer to home: Spyware
it’s not malware that users should be worried about, but rather spyware installed by spouses, coworkers or employers to keep track of their whereabouts and use patterns
Broken Cryptography
According to Infosec Institute training materials, broken cryptography can happen when app developers use weak encryption algorithms, or strong encryption without proper implementation.
. For example, it may not be possible for hackers to crack the passwords, but if developers leave flaws in the code that allow attackers to modify high-level app functions (such as sending or receiving text messages), they may not need passwords to cause problems.
-