- V3 Apps
Despite worries over new and more sophisticated mobile malware, cyber criminals still overwhelmingly prefer the older, more primitive attack techniques, according to a new report.
Security firm Blue Coat reported that techniques including premium-number diallers and phishing attacks are still by far the most common means of attacking mobile handsets.
The attacks, which rely on social engineering tactics rather than technical exploits against the mobile operating system, usually seek to harvest credentials or attempt to connect the victim with premium services which the malware writer collects a commission on.
The findings suggest that mobile malware writers are still content to go after the "low-hanging fruit" of the security world and feed on poorly-protected devices and reckless user behaviour.
"Weaponised exploits that target mobile devices have not yet appeared in the wild," Blue Coat said in its report.
"However, established techniques such as pornography, spam and phishing that have worked well in the desktop world are now successfully migrating to the mobile world."
While such sophisticated attacks have yet to fully materialise, the company believes that mobile malware will become more complex over the course of the year.
With many businesses continuing to opt for bring-your-own-device policies over company-issued handsets, Blue Coat believes that administrators will need to find ways to enforce policies and security protections on multiple mobile device platforms and form factors.
In doing so, however, the company noted that developers will need to address user experience and interface elements, which have to date dictated how staff behave when using mobile devices.
"From a security perspective, users will tend to go with the application that provides the best user experience even if it is not the most secure option," Blue Coat claimed.
"For example, if logging into a VPN is cumbersome or provides poor performance, a user will find another way to send out documents."