In today’s blog, we finish our series on the weaknesses of Smartphones. Here we go:
This is a much more covert threat that Cyber attackers are using now to infiltrate Smartphones. This is a type of malware which “. . .is installed on a computer without the knowledge of the owner in order to collect the owner’s private information. Spyware is often hidden from the user in order to gather information about internet interaction, keystrokes (also known as keylogging), passwords, and other valuable data.” (SOURCE: http://www.pctools.com/security-news/what-is-spyware/). But, be warned it is not just a Cyber attacker that can install Spyware onto your Smartphone. If you have an employer issued Smartphone, your boss may have already installed Spyware on it before handing it you, so that he or she can keep tabs as to how you are spending your workday.
- Improper Session Handling:
A bulk of the Smartphone apps now make use of what are known as “Tokens”. Simply put, this allows the end user to access different parts of the app without having to enter their login credentials (such as the username and password) each and every time. These tokens have been designed to act like a password, but the advantage of this is that the mobile app should create a new token (or a “new session”) each time something is accessed from within it. The purpose of these secure tokens is to constantly identify the device which is accessing that particular app. Improper session handling occurs when the mobile app unintentionally shares these tokens with a Cyber attacker, thus impersonating a legitimate user.
Yes, Smartphone technology is evolving at a very rapid pace, and as a result, so will the level of the sophistication of the Cyber-attacks against it. What is the best way to stay protected? First and foremost, make sure that your Smartphone is always updated with the latest security patches and upgrades. Your device should automatically tell you when to do this.
Second, always be vigilant. As the old adage says: “If it doesn’t feel right, don’t do it!!”.