Many industry pundits have predicted a rise in mobile fraud over the past five-plus years, making this a top concern in mobile security. While I don’t believe that predicting the future is very difficult, I do believe getting the timing of predictions correct is much more challenging.

Fraud will eventually hit any new channel or payment type introduced. So while most of us agree fraud will become a very large problem, we’re not quite sure when. Given some recent developments, it seems we’re getting closer to a significant rise in mobile fraud. The question of how real these threats are is more of a matter of when than if; fraudsters will find a way to exploit mobile.

Deploying Mobile Security

How we deploy and manage mobile is very different compared to the security environment we had with PCs and laptops. While we may see a few instances of individuals bringing their own computer to work, the majority of our traditional computer equipment is still purchased, configured, deployed and managed by the organization. This means that IT has the opportunity to create a profile on that computer and then lock it down, making it much easier to manage.

In the mobile world, many devices are brought into the enterprise by end users, who are far more interested in upgrading the OS or adding applications on their mobile device than on their PC. The users own the devices and have the ability to configure and upgrade them as they desire.

With mobile, OS upgrades and patches happen frequently: In fact, end users are typically scrambling to implement them as soon as they are released. Add to this the fact that applications can be added for free or for a minimal charge and you have a device that is constantly changing and very difficult for IT to manage.

Handling Security Challenges

With the challenges of managing the device comes the opportunity for malicious actors to use these devices as an entry point to the enterprise.

Mobile security is also challenged by jailbroken and rooted devices. These are devices that have been altered to gain additional access to their underlying configuration and operating system. By doing this, end users render much of the security built into these devices useless. That could potentially allow a cybercriminal to manipulate the device more freely.

As an enterprise, you want to be aware of these devices and take steps to prevent them from accessing your environment and data. Jailbroken and rooted devices have no place in the enterprise and significantly increase your risk.

Staying Clear of the Train Tracks

According to the Monthly Mobile Threat Roundup report from IBM Security Trusteer, the sophistication and expanding capabilities of mobile malware are impressive — in a bad way. The fact that mobile attacks are now reaching the sophistication of PC tactics indicates that cybercriminals are focusing on the mobile channel with the same intensity as the online channel.

As Tyler Shields, formerly of Forrester Research, recently shared, mobile attacks will increase when the business value of those attacks approaches that of online strikes — that is, when cybercriminals get a similar return on their investment.

Listen in as Shields provides his insights on the rising threat of mobile fraud in the video series linked below. And listen now, before that mobile fraud train comes roarin’ around the bend!
