Companies Are Warned to Pay Close Attention to Cryptojacking
Companies and businesses have been the primary targets of bad actors for years now. The overwhelming majority of cyber attacks are carried out against industries, corporations or medium-size businesses. No small part of those attacks has been executed through mobile devices.
There is no denying the utility and ease of access that mobile devices such as phones and tablets offer. Businesses have been increasingly adopting more and more mobile devices in the everyday work of their employees. Those mobile devices are used for almost everything you could use a desktop computer for - downloading files, checking and sending e-mails, sharing files and working with cloud-based applications and platforms.
However, those mobile devices are often the point of entry for bad actors, who can swipe credentials from them and later on - compromise an entire network.
The way that bad actors would gain access to a mobile device is not much different compared to their approach to desktop systems. One of the most commonly used ways to steal credentials is fake, phishing e-mails. Those e-mails use one of several popular social engineering tricks to either scare or lure the user into following a malicious link, which seems to have been sent from a reliable source.
Once the victims tap the link, they are usually taken to a fake login page that is used to swipe their credentials and forward them to the bad actors.
Another threat facing mobile devices, as well as desktop systems is cryptojacking. The term cryptojacking is used to the quiet and malicious hijacking of a device and harnessing its processing power to mine cryptocurrency for the bad actors, without the device owner's knowledge.
With mobile phones and tablets being produced with increasingly more powerful processors in them, they are becoming more and more viable targets for cryptojacking attacks.
The usual password precautions and safety practices that you are probably familiar with help with mobile security. Never reuse passwords, use multi-factor authentication wherever you can and never follow links that appear in e-mails originating from uncertain sources.