Thirty years into the personal computer revolution, most consumers are savvy enough about Internet security to know that they shouldn’t be surfing the Internet without some sort of protection. But those same consumers, not to mention the corporations for which many of them work, think nothing of using their smartphones to conduct all manner of potentially sensitive communication. Not surprisingly, developers of malware are paying attention.
According to Beth Jordan, vp of communications for security software developer AVG, recent research that the company conducted in conjunction with the Ponemon Institute revealed a disturbing lack of consumer awareness regarding the vulnerability of information on a smartphone.
For the research, 734 U.S. smartphone users aged 18 or older were polled. Among the findings: Thirteen percent of surveyed smartphone users said location data had been unknowingly embedded on their handset, enabling others to track their location. Only 21 percent of respondents were aware this could happen. Six percent of respondents said that mobile applications had transmitted confidential payment information such as credit card details without the users’ knowledge or consent. Only 11 percent of respondents were aware this was possible. And 8 percent said their handsets had been infected by a sort of malware called dialerware that enables criminals to make use of premium services that are then charged to the cell phone owner. Only 10 percent of respondents were aware of this risk.
Jordan says that the researchers asked about 11 of the most common ways in which consumers are taken advantage of in the mobile space. Of the 11, only two had a consumer awareness of more than 50 percent. Additionally, she points out, the “awareness” numbers and the “impacted by” numbers are, in most cases, very close, meaning that, very often, consumers are aware of a potential security problem involving their cell phones because they have already experienced the problem.
According to Chris Wysopal, chief technical officer for Veracode, which has developed a cloud-based mobile app security verification service aimed at big enterprise customers in the healthcare and financial industries, malware embedded in mobile apps and particularly in information downloaded from the mobile web is becoming more and more pervasive. “The same type of phishing attacks that happened to PC users are now happening to mobile users,” he says. “The browser is smaller; there is less information in the URL. You have to be more careful.”
The problem is especially acute for large companies because of the way in which people use their mobile devices to interact with their workplaces. By attacking a smartphone, malware developers can, conceivably, gain access to sensitive information stored on the phone itself or, using the smartphone to connect to a company’s central databases, do even more damage.
Wysopal thinks that most consumers don’t understand how little security checking is done before an app is uploaded to an app store. “Google doesn’t really do any validation of apps that are uploaded,” he says. “The iTunes store has a policy where they review the app, but it’s unclear what level of security screening they do. I would suspect very little, if any.”
“I think we’re just at the beginning of understanding the risks of the mobile platform,” says Wysopal.
Dentsu’s latest ad report shows slowed growth, driven mostly by inflation
The good news in Dentsu's ad forecast is that there's still growth. The bad news: most of the growth is the result of inflation, while real ad pricing actually dropped a bit.
How chef influencer Tue Nguyen works with the BuzzFeed Creator Network
BuzzFeed's Creator Network has been valuable from an audience and production education standpoint, but Nguyen still drives most of her business on her own.
Dentsu’s new Web3 readiness tool shines light on the tech’s potential to complement AI
Dentsu's Innovation Initiative is launching a web3 readiness index next month — at a time when the industry is obsessed with AI. Could the two technologies actually make a good pair?
SponsoredHow enterprise-grade CDPs are enhancing data processes and improving customer experiences
Produced in partnership with Marketecture The following article highlights an interview between Martin Kihn, Salesforce’s senior vice president of Marketing Cloud, and Ari Paparo, founder and CEO of Marketecture Media. Register to watch more of the discussion and learn how brands are making the most of enterprise-grade CDP technologies. As brands expand across channels and […]
Digiday+ Research deep dive: Publishers large and small put their resources into first-party data
Eighty-two percent of publishers overall say they're already using first-party data to prepare for the end of the third-party cookie, and nearly half are requiring users to register and integrating first-party data segments into DSPs – indicating that first-party data is the clear path forward for publishers heading into the post-cookie world.
Media Briefing: Why publishers hope chatbots will be the latest retention tool
Publishers hope the chatbots they are developing will be the latest retention tool to keep readers onsite and to get them to consume more content.