ThreatMetrix Cites Escalating Mobile Malware Threats to be Aware of During the Holiday Season
San Jose, Calif. – November 14, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, today announces several of the top threats compromising mobile devices this holiday season, including app replacement, API reverse engineering and SMS malware. Mobile malware is projected to more than quadruple in the next year – and a key factor in this rise is the increasing rate of mobile transactions.
Mobile transactions are projected to reach $3.2 trillion in revenue by 2017, and while mobile commerce and banking provide users with the convenience of on-the-go functionality, increased usage makes mobile devices an attractive target for cybercriminals.
“Mobile devices offer vast functionality but are different than PCs and require different strategies to effectively guard against cybercrime – which many mobile applications have yet to adopt,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “The most prevalent attacks are almost undetectable by the end-user and result in significantly growing losses each year. To protect end-users from such risks as account takeover, payment fraud and identity spoofing on mobile devices, businesses need preventative cybersecurity measures in place.”
Common Attacks Targeting Mobile Devices
It’s estimated that 89,556 new strains of mobile malware will be released by the end of 2013 and this number will more than quadruple in 2014, with 403,002 new strains. With this increase in mobile malware and cybercrime, there are several specific attacks targeting mobile devices. These include:
- App Replacement – Criminals replace legitimate apps with a modified version capable of recording data and tracking user activity to steal users’ account information for personal profit.
- API Reverse Engineering – When a consumer opens a new account on their mobile device, hackers can backtrack through the app to obtain and compromise the user’s login information.
- Malware on Premium Services – SMS messages on premium services are often used to spread malware through spam.
While there is often no way for end-users to determine when these attacks are happening, they can take several preventative steps to decrease the risk of cybercrime. These include only downloading apps from legitimate sources and evaluating how much information is shared with apps. For example, if an app is requesting the ability to send text messages or block calls, it’s likely been comprised and shouldn’t be downloaded.
“There are plenty of steps businesses can and have to take to ensure their apps are secure,” said Baumhof. “But consumers must also take responsibility for mobile safety, and be aware of the growing risks, exercising caution to protect themselves from cybercriminals.”
To protect against mobile fraud and cybercrime risks, businesses must leverage a global data repository such as the ThreatMetrix™ Global Trust Intelligence Network (The Network) to differentiate between authentic and suspicious mobile transactions and activity. The Network is the most comprehensive global repository of fraud data and protects tens of millions of users every day from mobile threats with real-time analytics that evaluate logins, payments, new account registrations and remote access attempts for validity.
Highlighting the widespread risk of mobile cybercrime, ThreatMetrix will release data from The Network in December about mobile fraud rates on Black Friday and Cyber Monday, two of the biggest days each year for mobile and online shopping transactions.
ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.