13 dangerously common mobile device cybersecurity threats

Meredith Kreisa | October 19, 2022

Many people think their mobile devices are inherently secure. After all, cybercriminals historically focused their efforts on PCs, and many smartphones, tablets, and laptops come equipped with robust security features. Unfortunately, one sad fact remains: No internet-connected device is ever immune to cybersecurity threats.

Countless security threats exist, and cyberattacks against mobile devices can be just as devastating as those that use desktops as entry points. With more and more organizations adopting BYOD policies, mobile device security is increasingly paramount. In an Apple environment, following Mac security best practices is a good start. Understanding mobile threats can help you further fortify your posture.

We’ll tell you about some of the top mobile device cybersecurity risks so that you know what to look for.

Failure to install updates

Software developers release updates for a reason. Sometimes, it’s to improve the functionality or fix bugs. Other times, it’s to patch critical vulnerabilities that jeopardize device security. When updates target performance, they’re not as pressing. However, businesses should install critical patches as soon as possible. Failing to do so presents a significant cybersecurity threat.

The release of a critical patch broadcasts exploitable vulnerabilities to threat actors. They scramble to take advantage of these weaknesses before businesses apply patches. In fact, a Ponemon study found that a whopping 60% of breach victims reported that the incident was related to a known vulnerability for which they had not applied the available patch.

Social engineering

Across all platforms, social engineering is a major security threat. It relies on deception to convince users to hand over confidential information or perform a desired action.

Phishing is the most well-known form of social engineering. The victim traditionally receives an email that appears to come from a legitimate source. It asks them to click a malicious link, download a malware file, or reply with requested personal information. According to an IBM report, phishing is the second most common cause of breaches, accounting for 16%. It is also the most expensive, averaging $4.91 million in associated costs. In many cases, strong email security with effective filters coupled with regular employee training can thwart a phishing attack.

Cybercriminals may also use other forms of social engineering to target mobile users. Smishing relies on fraudulent SMS messages, and vishing uses phone calls.

Uber’s network was breached after an attacker reportedly sent a text message to an Uber employee claiming to work with the corporate IT team. The employee is said to have handed over his password, giving the hacker access to Uber’s systems.

Improper configuration

Many mobile devices have robust security features, but they work only if they’re enabled. Use a strong passcode, enable encryption, turn on the “find my device” feature, turn off Bluetooth when you’re not using it, and limit what information you share with apps.

If you use cloud-based services in conjunction with your mobile fleet (and who doesn’t?), you should also consider the configuration of your cloud security. This includes access management, encryption, database management, monitoring, and more.

Lost or stolen devices

Your employees probably never misplaced their bulky desktops, but as devices become more portable, they’re also increasingly easy to lose. An employee may absent-mindedly leave their smartphone, laptop, or tablet in a coffee shop or on public transportation, inadvertently providing outsiders with easy access to corporate data.

Mobile devices also pose a valuable target for thieves. Whether someone purposely targets your business to steal secrets or they’re just looking to make a quick buck by selling your devices, it’s all too easy for someone to nab an unattended device.

Thankfully, strong passcodes and remote wipe capabilities can help mitigate the damage.

Bad password hygiene

Sloppy password practices spell certain disaster for your mobile security. If your passwords are compromised or guessable, intruders could access your cloud-based services.

Weak passwords may be even more problematic if a device is lost or stolen. Hackers could unlock the phone and access corporate apps and data before your employee even reports that the device is missing.

Multifactor authentication (MFA) provides an extra layer of security, but it should be your last line of defense.

Malware

Malware is a scourge on devices everywhere. Apple users frequently assume that their devices are safe thanks to the UNIX-based operating system and the relative rarity of Mac-specific malware. But enterprising cybercriminals now design ransomware, spyware, adware, trojans, and other malware up to the task. Security features offer some degree of protection, but skilled hackers are constantly coming up with new tactics.

According to Verizon’s 2022 Mobile Security Index, over 30% of breaches involve malware. With a 500% jump in mobile malware attack attempts in Europe, businesses would be remiss to ignore the risks.

A mobile banking virus targeting Android devices aims to encrypt phones for ransom. It’s reportedly hit users in the United States, Russia, Spain, and India.

Machine-in-the-middle (MitM) attacks

Free Wi-Fi is almost as alluring as free pizza. But indulging excessively in either may fill you with instant regret. Machine-in-the-middle (MitM) attacks, also known as man-in-the-middle attacks, frequently leverage public Wi-Fi networks to intercept mobile traffic and steal sensitive data. The attackers may collect login credentials, financial information, or other details to steal the victim’s identity, change their passwords, or transfer funds.

Without proper network security, a MitM attack could even affect your corporate network. However, attacks are more typically associated with public networks, so they disproportionately affect mobile devices.

Network spoofing

Spoofing takes MitM to the next level. Rather than lying in wait to intercept traffic, attackers set up a trap for users by masquerading as a trusted source. They create free rogue Wi-Fi networks that appear to belong to legitimate sources, like coffee shops. Mobile devices are particularly susceptible to network spoofing since on-the-go users may be a little too eager to connect to free Wi-Fi.

Users should avoid joining unknown wireless networks, which you should spell out in your IT policy. If they absolutely must get that sweet free internet, then they (or preferably your IT team) should check the device afterward for recently added software or email accounts that may be signs of compromise.

Improper session handling

Authentication tokens verify legitimate users, allowing them to continue accessing a resource without logging back in. Improperly handling a session token typically involves accidentally sharing it when the app communicates to the backend server. This may allow threat actors to impersonate the app user and access sensitive data.

A bug allowed some users on mobile devices to stay logged in to Twitter after resetting their passwords. That means if a user resets their password because their device was lost or stolen, whoever is in possession of that device may have access to the account.
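The failure mode above (a session that outlives a password reset) and one common fix, shown as an added example that is not code from the article or from any service it names. The `Accounts` class, its token format, and the per-user "epoch" counter are hypothetical; token expiry is left out to keep the focus on reset handling.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed signing key for this demo


class Accounts:
    """Hypothetical account store: each user has an epoch bumped on reset."""

    def __init__(self):
        self._users = {}

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    @staticmethod
    def _sign(body):
        return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

    def set_password(self, user, password, epoch=0):
        salt = secrets.token_bytes(16)
        self._users[user] = {"salt": salt, "pw": self._hash(password, salt), "epoch": epoch}

    def reset_password(self, user, new_password):
        # Bumping the epoch invalidates every token issued before the reset.
        self.set_password(user, new_password, self._users[user]["epoch"] + 1)

    def login(self, user, password):
        rec = self._users.get(user)
        if rec is None or not hmac.compare_digest(rec["pw"], self._hash(password, rec["salt"])):
            return None
        body = f"{user}:{rec['epoch']}:{secrets.token_hex(8)}"
        return f"{body}:{self._sign(body)}"

    def validate(self, token, check_epoch=True):
        """Return the user name for a valid token, else None."""
        try:
            user, epoch, nonce, sig = token.split(":")
        except ValueError:
            return None
        expected = self._sign(f"{user}:{epoch}:{nonce}")
        if not hmac.compare_digest(sig.encode(), expected.encode()):
            return None
        rec = self._users.get(user)
        # check_epoch=False is the flawed, signature-only check described above.
        if rec is None or (check_epoch and int(epoch) != rec["epoch"]):
            return None
        return user
```

With `check_epoch=False`, a token issued on a lost phone still validates after the owner resets the password; with the epoch comparison, the same token is rejected and only a fresh login works.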

Risky apps

Malicious apps are an obvious threat to devices, but other apps can be just as dangerous.

Apps that are purposefully malicious might covertly collect information, send SMS texts, record calls, subscribe to services, download other malware, or even take control of the user’s device. Further complicating the situation, some malicious apps mimic legitimate apps, so it’s difficult for the average user to differentiate between the two.

While Apple reviews apps before they’re available in the App Store, malicious mobile apps can still make it through. The same is true of Google Play and other popular platforms. Users might also jailbreak their phones to install apps from outside the App Store. That’s even more dangerous (and super cringey).

A lot of legitimate applications are also just insecure, including many from the App Store. Hackers may target these apps to steal data.

Broad permissions could prove especially problematic if an app is malicious or compromised. Some apps may seek access to the following:

  • Photos
  • Camera
  • Location
  • Microphone
  • Bluetooth
  • Calendar
  • Contacts
  • Voice processing
  • Health data

Check the resources allocated to each app. In settings, you can see how much cell data each app uses and what resources are turned on. A periodic review of this information can help identify anomalies associated with attacks. Also check your email accounts regularly to watch for rogue accounts hackers may add.

Facebook alone identified 400 malicious apps designed to steal user login information.

Malicious links

A malicious link, also known as a malicious URL, may exploit a vulnerability in a web browser, download a malicious app, install malware, or ask the user to submit personal information. These sites often look official, so device users may not notice the difference. Cybercriminals frequently distribute malicious links via email- or SMS-based phishing attacks. As a general rule, if you aren’t expecting it, don’t click it.

Exploitable vulnerabilities

Attackers may take advantage of vulnerabilities in firmware, operating systems, applications, or network services.

Unfortunately, there’s no surefire way to prevent all vulnerabilities. Firmware and operating system developers frequently uncover new vulnerabilities. Software and hardware issues leave networks at risk. Even established mobile apps sometimes have flaws. Think of your systems as a bucket. If there’s even one tiny hole, water leaks out. You have to patch that hole to secure your bucket.

Similarly, you must patch mobile devices to make sure nothing gets in or out unless you want it to. Critical updates address known vulnerabilities to fix holes in your defenses, so it’s essential to implement them as quickly as possible.

Encryption issues

End-to-end encryption scrambles data to keep it safe in transit. Unfortunately, gaps may occur during which the data is unencrypted. These encryption gaps are kind of like leaving a bag of cash unattended. If you’re lucky, it might all be there when you get back, but you’re kind of asking for someone to help themselves.

Encryption gaps are prevalent with unencrypted public Wi-Fi networks. However, unencrypted apps, particularly messaging apps that employees use for work, can also give threat actors easy access to sensitive data.

Similar problems occur when a mobile application uses weak encryption algorithms, making it easy for hackers to figure out passwords and access data. Password managers, like Keeper, LastPass, and 1Password, can help with that by securing passwords in an encrypted vault. They also prevent the use of plain text passwords and eliminate the need to enter them manually.


An effective mobile device management (MDM) solution is one of the easiest ways to enhance your security posture. SimpleMDM streamlines device enrollment, monitoring, updating, and licensing so that you can protect your environment with less hassle. Start your free 30-day trial, or keep reading the SimpleMDM blog to learn more.
