top of page
  • Zack Davis

The 5 Most Common Mobile Device Malware Attacks

Because of the convenience and portable nature of smartphones or tablets may people list them as their preferred devices. Many people use them for basic communications, web browsing, and accessing a variety of apps.

New trends show that many tasks that people used to complete on computers are now being done on smartphones or tablets.

For example, Microsoft estimates that up to 80% of the workload in many enterprise organizations is now done via mobile devices. Over half of all web searches are also now conducted from a mobile device rather than a desktop PC.

To mirror these trends in user data, hackers have taken to creating new malware that targets mobile devices and their applications.

In 2020, approximately 36.5% of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

This means that mobile devices now need the same level of security as a typical computer or laptop. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware

  • DNS filtering

  • Automated OS and app updates

  • Managed backup

You need to be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Here’s a roundup of what those are.


It can be difficult to tell the difference between a free app and an app with malware built into it.

Scammers will use the same types of flashy graphics, and the app may even have a high star rating (most likely boosted through suspicious means). The app may even do what it says it will do when downloaded.

However, that does not mean the application does not have malware infecting your device in the background.

Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans, and more.


Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check to see if the communication was encrypted?

If this type of sensitive information is not encrypted, that means there is no guarantee that is secure. Private information can be taken and used by hackers to cause further damage.


Despite the well-known dangerous reputation of public Wi-Fi, most people still willingly use it for a faster connection or to reduce the use of their own data.

75% of people admit to connecting to email when on public Wi-Fi. Other activities people will do is sign into apps (even sensitive ones like online banking) and shop online, entering credit or debit card details.

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. This is when a hacker connects to the same network and looks for victims with unprotected communications. They can then capture any type of data being communicated on the public Wi-Fi.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications.


Another public mobile breach danger is public USB charging stations. These stations can often be relief-inducing when you are struggling with low battery. However, hackers can infect public USB charging ports with malware and set up fake charging stations in public areas. This is a similar process to how ATM stations or gas station pumps can steal your credit card information.

Then, when you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. This makes sense because USB cords are not just for charging, but for the transferring of data.

It’s best to avoid public USB charging ports and charge with your own power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option, this protects you from data being transferred without your permission.


Approximately 40% of Android devices are running outdated operating systems that no longer get the necessary security updates.

When your mobile device is not kept updated, then it’s easier for a hacker to exploit possible holes in old systems and other vulnerable programming that an update would have patched up.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach.

Remember to always check for updates, something you can do by going to settings. Your phone will likely give you update pop-ups as well.


With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions. And discover more about our Virtual IT Department or contact us directly.

Article used with permission from The Technology Press.

bottom of page