Mobile payments are continuing to grow in popularity thanks to major players like Apple, Samsung and Google all making recent moves in the space.
According to Forrester, U.S. mobile payments to national brands and local merchants will swell to $142 billion by 2019 from $52 billion in 2014. There’s no doubt that while mobile payments may not be considered mainstream just yet, they’re continuing to gain momentum as user adoption grows.
Cyber criminals are taking notice as we increasingly store more and more personal information in our mobile devices. More than ever, they’re eyeing mobile phones as a target to hack into a user’s most sensitive information.
“I’ve got 99 problems and malware isn’t even 1 percent of them”
Verizon’s 2015 Data Breach Investigations Report claimed mobile malware is a “non-issue,” stating that mobile device exploits make up a small percentage of recorded incidents. But don’t breathe a sigh of relief yet. The report predominantly focused on the U.S. marketplace and mainly took into account corporate based attacks rather than consumer targets.
We’ve seen other reports show that mobile malware is very much a growing problem. According to the Lookout Mobile Threat Report, mobile malware increased 75 percent between 2013 and 2014. McAfee Labs also recently reported that there are 200 new mobile malware threats every minute. Banking specific Trojans, like Kins 2.0 and Spveng, are growing in popularity with cyber criminals and can be difficult to identify, often running “behind-the-scenes” once installed on user’s device. Cyber criminals are collaborating everyday on the dark web, exchanging ideas and code, and in the process exacerbating the reach and impact of these attacks.
The Android vs. Apple Debate
When comparing Android and Apple mobile devices, Apple emerges as the clear security winner. Because Android makes up about 85 percent of the overall mobile platform market and is a more open platform, malware strains designed for these devices are more likely to succeed. Fragmentation within the Android market has also made it difficult for consumers to keep up with necessary security updates, while these are typically pushed through automatically to iOS devices.
Although Apple was thought to be almost “immune” to malware attacks, we’ve seen some scary developments recently proving this isn’t the case. New malware that emerged earlier this month affected roughly 200,000 iPhone users who “jailbroke” their phones, exposing their information to cybercriminals. While consumers should know the security risks associated with jailbreaking their iPhones, the attack is a testament to the fact that cyber criminals are making headway in reaching iOS devices.
It’s Not Out of Our Hands
The good news? We do have some control over the security of our mobile devices. Here are a few simple rules to follow to keep your information safe:
• Avoid downloading third-party applications or any suspicious applications on the Apple App Store or Google Play Store. These malicious apps are often disguised as free versions of popular apps. If an app deal looks too good to be true, it likely is.
• Don’t connect to unsecured WiFi. These open networks can put your mobile device at risk for man-in-the-middle attacks which give cyber criminals the information they need to access your system and install malware.
• Always create strong, unique passwords and use two-factor authentication whenever possible (most banking apps do offer 2FA). This can be the added layer of security you need to keep your information safe.
• Don’t click on links in emails that appear suspicious from known or unknown senders, as these may be a phishing attempt.
Mobile payments will continue to grow in popularity, and with this we’ll see a parallel in the growth of attacks on mobile devices. By increasing awareness of the issue and educating consumers on security best practices, we can combat attacks and stay one step ahead of mobile malware threats.
— This feed and its contents are the property of The Huffington Post, and use is subject to our terms. It may be used for personal consumption, but may not be distributed on a website.