As part of our Cyber Security awareness campaign, we’re covering a new and important topic each month to help boost your knowledge and keep you and the University safe and secure.
This month, we look at mobile phones and the cyber threats we all face as mobile device users.
Is my phone really vulnerable?
Most of us own a smart mobile device made by a reputable global company. It’s easy to assume that the manufacturers will keep us safe from cyber threats without much input from us. Unfortunately, this isn’t always the case and there are many ways that cyber criminals can target us.
- Phishing and Smishing – fraudulent messages sent via email, SMS or on social media are all just as dangerous on mobile phones as they are on a desktop computer. Criminals create plausible messages, often posing as legitimate companies to tempt you into revealing personal information or downloading malware.
- Network-based attacks – it can be very tempting to use unsecured public Wi-Fi – after all, it’s usually free! But please don’t – cyber criminals can access these networks and intercept your data.
- Malicious apps – the ease with which we can all download apps to our phones make malicious apps a serious problem for mobile device security. Fraudulent apps contain malware designed to steal your data or perform unauthorised actions.
- Spyware – this software monitors your activity and collects personal information from your device.
- Ransomware – Often inadvertently downloaded, ransomware will lock you out of data on your device and cyber criminals will demand payment to release it.
Case study – malicious apps
A 2022 report from the UK’s National Cyber Security Centre (NCSC) warned of the rising risk to smartphone users from malicious apps.
The report noted that Android phone users had downloaded apps which contained the ‘Triada’ and ‘Escobar’ malware from various third-party app. stores resulting in cyber criminals taking control of their phones and stealing data and money by signing the victims up to premium subscription services.
Speaking about the report The NCSC's technical director, Ian Levy, said cyber-criminals were "currently using weaknesses in app stores on all types of connected devices to cause harm".
Source: BBC
So what should I do to stay safe on my mobile?
Here are some tips to help you stay safe:
- Always use strong passwords or ‘biometrics’ like facial or fingerprint recognition to lock your device
- Keep apps and your operating system up to date – don’t put updates off!
- Only download apps from trusted sources
- Avoid public Wi-Fi – make a habit of using mobile data if you need to connect away from a trusted network
- Turn off your bluetooth when you’re not using it
- Look out for Phishing scams in emails, texts or on social media sites
How to learn more
Each month, we’re releasing a matching bitesize training via Proofpoint, our online learning platform, which is emailed to you. This month’s training will arrive in your inbox on Tuesday 14 January.