The smartphone, the gateway for cyberthreats

It’s become an essential part of our everyday life thanks to its versatility; we can communicate with anyone, watch our favourite series, play games, browse and even work. What is it? The smartphone.

30/03/2022

It’s been one of the most popular devices over the last decade. So much so that there are approximately 6,300 million users of these phones, according to the data published on the Statista portal, so almost all of us carry one around with us. These devices can therefore become a gateway for cyberthreats.

Spaniards currently spend an average of three hours and 27 minutes a day glued to their mobiles and the applications that we use most are video games, according to a study by Fly Research commissioned by HMD Global, the manufacturer of Nokia phones. The purpose of this study is to ascertain how smartphones are used on a daily basis.

The main dangers

Thus, due to the increase in their use, over the course of 2021 mobile phones have become the main target for cybercriminals, constituting a new means of defrauding their users, as they can be infected by malicious programs or malware. This is the case of ransomware, one of the most dangerous threats hovering over us. Its function is to hijack compromising or highly sensitive data, for which a sizeable ransom is then demanded.

Although this type of malware was initially launched via personal computers, it has now been adapted to the medium to infect mobile phones. To be more effective, these applications pretend to be legitimate, as a result of which they don’t raise any doubts among users, who eventually discover that data such as their bank details have been stolen.

Phishing is another technique widely used by cybercriminals. In this case, the attackers attempt to obtain data from their victims, get them to download a malicious file or even make a payment via a fake website. They achieve the above by using electronic communications such as email and social media. It’s so popular that it even has a name of its own when it’s a scam via SMS: Smishing.

Security breaches during the lockdown

The coronavirus health crisis has brought with it an increase in the number of these threats. In 2020, during the initial months of the pandemic, pattern changes were detected in the use of the Movistar telecommunications networks, with exponential growth resulting in highs for fixed data (143% in April), mobile data (82% in April) and mobile voice (42% in March). The mobile phone became an essential tool for communication, entertainment, information and work. This increased use didn’t go unnoticed by digital pirates, who didn’t hesitate to capitalise on it to attack companies through their employees.

Teleworking has now given way to a hybrid model with a rise in the use of cloud services, as these provide the infrastructure required to send and receive information both quickly and easily, no matter where or when.

However, this trend has become another factor leading to increased risks. The attack surface, in other words, the number of potential entry points for criminal cyberattacks, has widened considerably. For example, if systems are poorly or defectively configured, they’re likely to receive several external attacks. A weak password is sufficient to enable entry. Not to mention the options that open up when we work outside the office; connecting to a public network increases the risks even further, as the security combating any threats is much lower.

As cybersecurity company Kaspersky points out, the focus for 2022 will be on mobile phones, as they’ll become increasingly exposed to more and more sophisticated attacks. Leaks, security breaches and information theft will thus continue to grow exponentially with the use of mobile phones. There are also other types of dangers adapted to smartphones, such as mobile adware, SMS banking Trojans and spyware.

Avoiding risks in a simple way

An inadequately protected mobile phone can become a serious problem. Given this situation, it’s important for us to protect our devices properly, particularly if we work from home, as we put our data and those of the company we work for at risk. Fortunately, with a few simple measures we can achieve excellent results and prevent serious problems.

The first thing we should do is keep our devices updated with the latest versions of the operating systems and other applications that we use on a regular basis. We should also use strong passwords and always connect from secure locations, avoiding public networks. Another tip is to browse with caution and stay away from any pages that look suspicious.

And if we want to buy a product or service or download an application or document, we should always do so via an official website. To detect a malicious or fraudulent website, it’s a good idea to look at details such as the text, which sometimes contains quite a few spelling mistakes, and verify that it’s a secure site by checking that a padlock symbol appears in the navigation bar, without forgetting to delete messages from unknown or unofficial senders. The mobile phone can become a gateway for threats, but we can close it by means of a few small gestures and a bit of effort. Just as we take care of computer cybersecurity, we need to start doing the same with our smartphones. After all, the threats we’re exposed to are similar on the two devices.


Communication

Contact our communication department or requests additional material.