With the growing reliance on mobile devices for accessing work-related information, we all must remain vigilant against social engineering attacks targeting these devices.
With 16+ billion mobile devices in use worldwide, new data reveals how bad actors are shifting focus from the standard email phishing attempts to mobile devices. Zimperium’s 2024 Global Movile Threat Report states some interesting statistics:
- The average smartphone has 80 apps installed, with 5-11 being work-related
- 85% of the apps on the device are personal apps that all have some potential impact on the organization’s risk exposure
Key Tips for Using Mobile Devices Securely
- Stay Alert to Phishing Attempts
- Be cautious of unexpected emails, text messages, or app notifications asking for personal or work-related information.
- Verify the sender’s identity independently before clicking on links or downloading attachments.
- Use Strong Authentication Methods
- Enable multi-factor authentication (MFA) on all accounts accessed via your mobile device.
- Use biometrics (e.g., fingerprint or facial recognition) and strong passwords to enhance security.
- Keep Your Device Updated
- Regularly update your device’s operating system and apps to protect against known vulnerabilities.
- Enable automatic updates when possible to ensure you receive the latest security patches promptly.
- Install Security Software
- Use reputable antivirus and anti-malware apps designed specifically for mobile devices.
- Configure the software to perform regular scans and monitor for suspicious activity.
- Be Wary of Public Wi-Fi Networks
- Avoid accessing sensitive work information over public Wi-Fi networks, as they can be easily compromised.
- Use a virtual private network (VPN) if you must connect to public Wi-Fi, ensuring a secure connection.
- Restrict App Permissions
- Review and limit app permissions to only what is necessary for functionality.
- Be cautious of apps requesting access to sensitive data or system functions without a clear need.
- Report Suspicious Activity Promptly
- If you suspect your device has been compromised or you have encountered a phishing attempt, report it immediately to the Office of Cybersecurity by contacting itsecurity@uthsc.edu or abuse@uthsc.edu.
- Quick action can help mitigate potential damage and prevent further exploitation.
Following these tips can significantly reduce the risk of falling victim to social engineering attacks on your mobile device. Stay vigilant and proactive in safeguarding both your personal and work-related information from cyber threats.