The Growing Use of Mobile Malware

As more and more consumers turn to mobile devices to perform online transactions and share sensitive personal data, an increasing amount of fraudsters are embracing malware as a way of targeting them. CSO Online reports that between 2012 and 2013, the number of mobile malware and high-risk apps more than doubled to 1.4 million. And, that number nearly tripled in 2014 – to 4.3 million malicious apps. Mobile malware takes on many shapes and sizes, so organizations need to employ robust identity verification and fraud prevention mechanisms to ensure they establish the legitimacy of each consumer and transaction.

Types of Mobile Malware

Criminals work every day to scam individuals as well as organizations and the mobile marketplace is highly enticing as it is still relatively young. Without the same security measures that are in place for many organizations operating in the customer-not-present environment, fraudsters can find weaknesses in the mobile system, infect a user’s device, and steal valuable data. They then exploit this stolen data to defraud both businesses and their customers.

Mobile malware can take a variety of forms. A few examples to recent attacks include:

• Watering hole attacks – A watering hole attack targets a normally trusted website that is regularly visited by employees or members of a particular group or organization. In this attack, the attacker figures out which websites the group visits often and infects one or more of them with malware. Ultimately, some member of the targeted group becomes infected. The attacker can then gain access to the target through the infected member’s device. Groups that are typically resistant to forms of phishing can become victim of this particular attack as the fraudster is relying on websites that the group trusts.
• Malicious Advertisements – Malware in advertisements are dangerous because they are oftentimes part of a legitimate ad network that users see on their smartphone or tablet. What makes them tough to avoid is that they crop up in many legitimate apps and mobile websites. When a customer clicks on an ad, he or she may be redirected to a malicious site that is set up to look legitimate, but asks for sensitive information such as account numbers and login details.
• Keyloggers – A keylogger is a type of malware that records keystrokes in order to steal passwords and credit card numbers. This sneaky software is spread through flaws in mobile operating systems and works when an app is running in the background. Although someone may or not be using the app at that moment, it is still logging what is typed into web forms, banking apps, and more.
• Risky Apps – People love installing new apps on their phone, but many exist for the sole purpose of stealing information. In addition to those that users install from third-party sources, which haven’t gone through a strict security review, many legitimate apps are sharing tons of user information with affiliated companies that may be targeted by hackers.

Why Identity Verification is Crucial as Mobile Malware Continues to Rise

Since consumer information in the mobile marketplace is being compromised each day, it is important to use a robust identity verification solution to ensure that your customers are who they say they are and not imposters using a stolen identity. ExpectID from IDology goes beyond verifying email address and password combinations and uses multi-layered authentication methods to ensure the good customers pass – and the fraud is deterred. As a result, organizations gain a greater level of confidence in each transaction.

With mobile malware on the rise, it is also critical to educate consumers about various threats as well as anticipate the areas where fraudsters are trying to compromise your business most often. By using identity verification and fraud prevention techniques to counteract the work of criminals, your organization will be able to give the green light on more transactions, which leads to greater revenue and customer satisfaction. To learn more about how ID verification can benefit your organization set up an online demonstration by contacting the experts at IDology today at (866) 520-1234.