With increased mobile usage comes increased security threats. Recent statistics show that more than 60% of digital fraud cases are initiated via a mobile device. An unsecured mobile device can become an access point for countless malicious attacks.  Learn more at our Cyber Talk – Lock It Down – Easy Steps to Secure Your Mobile Device Cyber Talk on September 18, 2025 at 10:00.  Register Now for the  Zoom Session

Malicious applications and websites

Just downloading a malicious application or visiting a malicious website may be enough to infect your device and the network it is connected to. The website or application may attempt to install malware on your device, or they may prompt you to allow an install that looks legit but is in truth malicious.

Applications with weak security

Apps with weak security put your data at risk. They do not offer adequate encryption for stored data or data in transit. This can result in identity theft, intellectual property theft, or loss of GW or personal data.

 Data leakage

Data leakage is a slow data breach that can happen in two ways:

• Physical leakage via sharing or theft of portable storage devices, such as USB drives or external hard drives
• Electronic leakage when connecting to public WiFi or other malicious or compromised network. With mobile devices, this can be a result of giving apps too many permissions. Review our Device Security Learning resources for more information.

Mobile ransomware

Mobile ransomware does what it sounds like. It will hold your device at ransom, requiring you to pay money or information in exchange for unlocking either the device, certain features, or specific data. You can protect yourself with frequent backups and updates.   

Phishing

Phishing attacks most commonly target mobile devices because people seem more inclined to open emails and messages on a mobile device than on a desktop. Part of the reason is that the smaller screen only shows a partial sender name or subject line, making it harder to identify suspect emails.  See our Phishing – Learning resources for more information.

Unsecured, Public and Spoofed WiFi

Using public Wi-Fi networks presents a risk, as they are often unsecured. This can allow hackers to intercept the data transmitted between your device and the Wi-Fi access point, potentially gaining access to critical personal and business information.  Network spoofing happens when malicious parties set up fake access points that look like a legitimate Wi-Fi network that users can connect to. These traps are set up in high-traffic areas frequented by employees using their mobile devices to connect to work-related applications or systems. A common trick is to offer "free" Wi-Fi if users set up an account first. The goal is to access passwords and other personal data.  See our CyberSafe Travel Resource Page  for information on network security as well as other security tips while traveling around DC or in far away place. 

Identity theft

Since mobile devices often carry personal and financial data, a compromised device can lead to identity theft. Malicious third parties can steal this data electronically or by physically stealing your device.  See our Compromise Recovery – Guide for information on what to do if you think your identity has been stolen.