Mobile malware: what you need to know & tips to protect urself

Takeaway: Should you be worried about mobile malware? Here’s what you need to know and some tips on how to protect yourself from getting infected.

Mobile malware - what’s that?

It’s bad news for smartphone or tablet owners. Mobile malware is any app that carries out malicious actions on your phone or tablet. That could be text messaging a premium rate number, bombarding your contacts with unwanted messages or carrying out any other detrimental act without your permission.
Malware also has a cousin in spyware - where an app gathers data about users without their knowledge and consent. Spyware generally captures information of interest to third parties - the likes of contact lists, phone logs, text messages, location and browser history. I'll be writing more on this soon.

What mobile malware does

Among the most common type of malware is tollware, where the app surreptitiously sends texts to or silently dials into a premium rate service. Another common type of malware collects information on the user - the likes of contacts etc - that it doesn’t have permission to access - often for use in sending out spam.
Malware writers have also started exploiting different aspects of mobile phones, developing apps that secretly record telephone conversations and intercept text messages used to authenticate user identity in online banking.

How malware is distributed

A common way is via software downloaded outside official app stores, but there have also been instances of malware spreading via infected web or in-app ads and web and emailed links, as well as instances of apps creeping onto official stores - mostly on Android.
Malicious apps are often disguised as legitimate applications - a study by the Department of Computer Science at North Carolina State University found that 86 per cent of Android mobile-malware payloads are repackaged with legitimate apps and are not standalone.

How to protect against mobile malware

A key step is to get apps from trusted sources, that means downloading from official app stores and checking the developer name, reviews and ratings of each app. In particular, you should be wary of any app that offers a free version of a piece of software that is typically paid-for.
Checking your phone bill for any rogue calls or texts can also provide early warning signs on malware.
There are a variety of anti-malware tools for mobile devices. Anti-malware software is still relatively rare on phones and tablets.

How to protect your staff - for firms

Any firm wanting to support a sizable number of mobile devices, be they corporately issued or privately owned, and that wants to minimise the chances of malware infection or resulting damage should invest in a mobile device management (MDM) system.
MDM’s give the company control over what employees do with mobile devices - allowing them to manage what an employee installs on the phone, control how often phones are used, force company policy compliance, remotely wipe a device, detect jailbreaking and remotely locking a device.
Generally it’s a good idea to get a system that supports multiple mobile platforms in order to provide flexibility if a firm wants to invest in different types of devices.
Also useful are tools to authenticate applications connecting to the corporate network, although iOS has barriers that make such app-level authentication difficult.
Data leak prevention software can also restrict how a user or an app uses different data, reducing potential for abuse, but implementing it can be tricky on iOS because of limits on inter-app communication.

Visit this link to learn more about mobile security and  protective measures you should know to keep your mobile and yourself safe.