Mobile Device Threat
At First Commerce, we believe in empowering you with the tools to recognize security threats. When we hear the terms hacking, viruses, or malware, the first thing that comes to mind is computers or laptop. However, you should be aware of threats through a mobile device. Mobile devices have evolved so much over the past two decades, incorporating several new technologies to improve their performances. Today, virtually everyone owns at least a smartphone - one for work and the other for home use.
Smartphones, at their core, are small computers that have been downsized to fit into our hands for convenience. Because of this, it is expected that many of the same secruity issues present in your typical personal computer could also be present in mobile devices.
Here are a few examples:
- Mobile Malware – Much like malware on computers, malware on mobile devices can be used to steal data from devices, hijack mobile sessions, or steal login credentials. In order to combat mobile malware, it is recommended that mobile device users deploy antivirus to their mobile phones from a reputable provider.
- Phishing and SMSishing – Phishing through email as well as SMSiShing through text message are ways that malicious actors attempt to get members to respond with confidential information such as credentials or to load malware on mobile devices. This is often done in a way that masks the identity of the malicious actor by making it seem like the message came from a legitimate source. It is recommended that members never click in a link from an email or text message that are unexpected. If you’re unsure if a message that you receive is authentic, it is recommended that the member contact the institution using a known and verified method of communication.
Fake Mobile Banking Apps - Mobile banking is a common way to manage your finances anytime from the convenience of your mobile device. Be sure to download mobile banking apps from trusted sources and not unknown websites.
- Multi-factor Authentication – Ensure that multi-factor authentication is enabled for any sites or mobile apps that contain confidential data. Multi-factor authentication requires you to not only know the username and password to be able to log into secure sites, but to also have something that proves that you are who you say you are. This typically comes in the form of a text message to a mobile device or a code from an authenticator app. If member credentials are lost or stolen, multi-factor authentication would require that the malicious actor also have access to the member’s phone in order to receive the secure code sent to the member.
- Encrypt Mobile Device – It is highly recommended that members encrypt their mobile devices. By doing so, it can be better assured that in the event the mobile device is lost or stolen, that malicious actors would not be able to access your data. While it is usually possible to set a secure pin to authenticate and decrypt devices, it is recommended that members use biometric authentication where applicable to achieve a stronger authentication mechanism.
Use these tips for improved Mobile Device Security. That’s the power of you!