By Kimberly Connella   |   July 25, 2019   |   0 Comments

FaceApp & fake accounts: Mobile Security Threats in 2019

The paranoia that followed the viral installation of the FaceApp shines light on how much we don’t know, or worse, choose to ignore about the dangerous wonderful devices in our pockets.

There are more smartphones in the world than people right now, and just about any phone can be hacked.

Smartphones today have more computing power than the first spaceship that made it to the moon.

However, to get something, you must give something up. When it comes to technology this thing is often security. With great mobile power, comes great mobile security threats.

As smartphones advance so does our dependence on them. The more tasks their capable of performing the riskier it is to use them.

From FaceApp to fake Facebook accounts, the mobile security threats are far reaching.

1.Social media risks:

When we hear of a new social media platform, we create accounts. We enter in our data and begin to live out a portion of our lives in cyberspace.

However, the ability to put yourself out there without ever looking up from your phone creates a myriad of new mobile security threats. Smartphone risks that too few of us have fully considered.

By now, hackers use these online spaces as just another place to find new victims. Social media platforms are gold mines to them. The pictures you post, the information you reveal, and the messages you send, make it all too easy for hackers to collect, manipulate, and use your data for their own illegal ends.

Facebook disabled 1.3 billion fake accounts in the first 6 months of 2018 alone. Even with their resources and billions in annual revenue, they still struggle to keep the fake accounts and illicit activities at bay.

The company stated that many of them were bots “with the intent of spreading spam or conducting illicit activities such as scams.”

Fake profiles are becoming harder to detect. Hackers are faster and more sophisticated than ever at “faking” identities online, all they need is a smartphone. They steal pictures, identifying information, and even replicate your friend list, to make their accounts seem legitimate.

Fake accounts that look like your friends:

Attacks by fake accounts often end with you wiring money to a friend, entering in your credentials to access something they send, or clicking on a malicious link that downloads malware to your smartphone.

There are often signs the account is fake: The date it was created, the number of friends they have, or perhaps the pictures are outdated.

However, the truth is you should always be suspicious online– even when you’re on a platform filled with your friends and family. It’s essential to be aware that risks don’t always look like risks. Hackers benefit from our lack of suspicion towards the smartphones we love so much.

2. Risky app installations:

As we saw with the FaceApp phenomena: if all your friends are downloading an app, most people don’t think twice before downloading it too.

Even if that means handing over your facial biometric data to a mostly unknown Russian company.

Whether or not that presents a hazard matters less than the fact that we blindly download, enter our data, and begin to use apps that we know nothing about. Most of us do it without ever reading the privacy policy.

It’s not uncommon for smartphone users to receive a link via text message asking them to download an app or “update” an existing app for the sole purpose of stealing your information or downloading malware on your smartphone.

Often these links, that can even look as though they’re from friends, ask for your credentials or require you to download the latest version of the app.

However, upon downloading, smartphone owners unknowingly open themselves up to a myriad of cyber risks. These smartphone risks can range from access to the personal information on your phone to surveillance.

Downloading links can give hackers remote access to your camera, contact list, messages, and photos on your smartphone without you ever knowing.

Only download apps that are from the App Store or the Google Play Store—and only open and download links you were expecting to receive.

If there’s a new viral app we’ve reached a point in cyber security where we must take a second, stop, and ask ourselves: What’s the purpose of a foreign company collecting millions of American’s facial biometric data? And, even if it’s purpose was originally innocent, could that data still be used to our disadvantage?

3.Lost or stolen smartphones:

Smartphones are now almost 30 times more valuable per ounce than a block of solid silver. They can also be turned into cash just as easily.

Unfortunately, one in 10 smartphone users will have a device lost or stolen. One in seven of those people will experience identity theft consequently.

Whether you have an Android or an iPhone, it comes equipped with a built-in tracking tool that you can use if your phone is lost or stolen.

However, it’s not turned on automatically. Users must enable the feature before tracking the last known location of their device. Users can’t enable the feature after the device is stolen, it must be done preemptively. Make sure this feature is on.

On Android, it’s Find My Device. On iOS, it’s Find My iPhone.

Another preemptive tool your smartphone device offers is a back up of your photos, contacts, and messages.

The cloud allows us to keep our personal data in a place that doesn’t rely on our physical device.

When bad actors get a hold of your smartphone:

Nearly every employee now remotely accesses corporate data and work-related information from their smartphones.

Think about it: Do your receive work-related emails on your smartphone? Is there clients phone numbers in your contact list? Do you have access to your company’s cloud via your phone?

Data breaches are prevalent and expensive. Equifax just agreed to pay $700 million in settlement after a massive data breach in 2017 that exposed 147 million people.

However, even employees at small businesses face risks. Small businesses depend on their reputation. They rely on client trust. Data breaches of personal information deteriorates business relationships.

When employees access corporate data with their smartphones and then are lax about the security of that phone, they risk their careers.

A Boeing worker was fired immediately after his laptop, which hosted a mine of unencrypted employee data, was stolen. It risked the personal data of 400,000 employees.

If someone loses their smartphone its not always their fault.

However, there’s security measures you can take to limit the access criminals have and mitigate the damage.

Multi-factor authentication is one of the most important tools we can use to protect ourselves from risk. Fingerprint and facial recognition, although not bullet-proof, significantly decrease a criminals ability to access your phone.

In the last decade we’ve begun to see the dark side of technology. It’s time we take a step back and start to secure our technology.

For the latest news and tips on cyber security and technology, subscribe to our blog.

 

---

---