The Eight Most Common Mobile Threats
We trust our mobile phones with everything, both private and work-related, but we do not pay enough attention to mobile security. Don’t underestimate the issue of mobile threats.
We trust our mobile phones with everything, both private and work-related, but we do not pay enough attention to mobile security. Don’t underestimate the issue of mobile threats.
According to a recently released report by Verizon, many people underestimate the issue of mobile threats. Almost half (49%) of users believe that clicking on a malicious link or attachment could only negatively impact their device.
The average user’s SMS phishing The probability of being exposed to attacks is 6-10 times higher than email-based attacks.
People often combine their personal and work lives on a single device. 78 percent of users use their work devices for personal activities, and 72 percent use their personal devices for business activities.
The most common mobile threat topics:
Phishing: Attackers use social engineering techniques to persuade individuals to click on malicious links, share personal information, download malware, or provide account information via email (phishing), SMS (smishing), or calls (vishing).
SIM hijacking: SIM hijacking occurs when an attacker uses personal information they find on the internet to impersonate someone else and contact a telecom provider to redirect your calls or messages to their device, giving them easy access to your data.
Malicious apps: Disguised as legitimate applications, these applications are often accidentally downloaded from unofficial sources such as third-party app stores or websites, or through phishing emails that direct victims to visit these app stores and websites.
Once installed on a device, these malicious apps can perform various harmful actions such as data theft, financial fraud, or acting as spyware.
Fake banking apps: It is a dangerous type of malicious application. If you unknowingly download and install a fake banking app, you could enter sensitive information such as login details, account numbers, and other personal data into the app and unintentionally hand that information over to cybercriminals.
Fake credit apps: Deceptive apps posing as legitimate lenders offering high-interest loans are created by cybercriminals to collect victims’ personal and financial information. They can then use the collected data for identity theft, financial fraud or other malicious activities.
Ransomware: During a ransomware attack, cybercriminals may encrypt your files and demand a payment. They may claim that if you accept their demands, they will give you a decryption key. Unfortunately, this is not always the case.
Poor physical security: Weak authentication methods are a big problem when it comes to mobile threats. Cyber criminals who take over your device can easily access your data or payment information and use it as they wish.
Similarly, if you lose your device and it is not adequately protected, you can jeopardize not only your own cybersecurity but also your company’s cybersecurity.
Unsecure Wi-Fi: If you’re using public Wi-Fi at a hotel or coffee shop, you may be the target of a man-in-the-middle (MITM) attack, in which an attacker can interfere with communications between your device and the website you want to connect to.
Security
Kaspersky, IT Outage And Supply Chain Risk Scenario
As part of Kaspersky’s annual “Security Bulletin”, the company’s experts analyzed major supply chain attacks and IT outages experienced last year.
As part of Kaspersky’s annual “Security Bulletin”, the company’s experts analyzed major supply chain attacks and IT outages experienced last year.
In 2024, supply chain attacks and IT outages emerge as prominent cybersecurity concerns, demonstrating that almost no infrastructure is completely immune from risk. A faulty CrowdStrike update affected millions of systems; Sophisticated incidents such as the XZ backdoor and the Polyfill.io supply chain attack have highlighted the risks inherent in widely used tools. These and other notable cases highlight the need for rigorous security measures, robust patch and update management, and proactive defenses to protect global supply chains and infrastructure.
While evaluating the events of 2024 within the scope of “Story of the Year”, Kaspersky Security Bulletin discusses possible future scenarios and the potential consequences of these scenarios as follows:
But what if a major AI provider experiences an outage or data breach? Businesses are increasingly relying on models from providers such as OpenAI, Meta, Anthropic. However, despite the excellent user experience these integrations offer, they also come with significant cyber risks. Dependence on a single AI provider or a limited number of service providers creates concentrated points of failure. If a large artificial intelligence company experiences a critical outage, it can significantly affect tens or even thousands of services that depend on them.
Additionally, an incident at a major AI provider could lead to one of the most serious data leaks since these systems store large amounts of sensitive information.
But what if on-device AI tools are exploited? As AI becomes more integrated into everyday devices, the risk of it becoming an attack vector increases significantly. For example, Kaspersky’s Operation Triangulation campaign, revealed last year, showed how attackers can compromise device integrity by exploiting system software and hardware using zero-day vulnerabilities and installing advanced spyware. Potential software or hardware vulnerabilities in the neural processing units that run AI, including certain platforms such as Apple Intelligence, could, if discovered, significantly increase the scope and impact of such attacks. Exploiting such vulnerabilities can significantly amplify the scale and impact of attacks using AI capabilities.
Kaspersky’s Operation Triangulation investigation also uncovered a first-of-its-kind case reported by the company: the misuse of on-device machine learning tools for data extraction. This suggests that features designed to improve user experience are already being weaponized by advanced threat actors.
But what if threat actors disrupt satellite connectivity? Although the space industry has been facing various cyber attacks for some time, the new target of threat actors may be satellite internet providers as an important element of the global connectivity chain. Satellite internet can provide temporary communication links when other systems are down; Airlines, cruise lines and other platforms can rely on this service to offer connectivity to passengers. It can also be used to enable secure communication services.
This creates cyber risks: a targeted cyber attack or a faulty update against a leading or dominant satellite provider can cause internet outages and possible communication breakdowns and seriously impact individuals and organizations.
But what if major physical threats to the internet materialize? Continuing on the topic of connectivity, the internet is also vulnerable to physical threats. 95% of global data via undersea cables while being transmittedwhich are physical locations where different networks exchange data traffic approximately There are 1,500 Internet Exchange Points (IXPs). Many of these points are located in data centers.
An outage to just a few critical components of this chain – such as trunk cables or IXPs – could overload the remaining infrastructure and potentially lead to widespread outages, significantly impacting global connectivity.
But what if serious vulnerabilities are exploited in the Windows and Linux kernels? These operating systems run many critical assets around the world – servers, production equipment, logistics systems, IoT devices, and others. A remotely exploitable core vulnerability in these systems could expose countless devices and networks around the world to potential attacks, creating a high-risk situation where global supply chains could suffer major disruptions.
“Supply chain risks may seem daunting, but awareness is the first step to prevention,” said Igor Kuznetsov, Director of Kaspersky Global Research and Analysis Team (GReAT). We can reduce single points of failure by rigorously testing updates, using AI-powered anomaly detection, and diversifying providers. We can eliminate weak elements and build resilience. It is also vital to create a culture of responsibility among staff, because human attention is the cornerstone of security. “Together, these measures can ensure a safer future by protecting supply chains.”
Security
5 Cyber Security Threats Awaiting the World in 2025
The year 2024 stood out as a critical year in terms of cyber security, with increasing threats in the digital world. In this year of fighting against the threats brought by artificial intelligence, cyber criminals have made their attack methods more effective by taking advantage of developing technologies.
The year 2024 stood out as a critical year in terms of cyber security, with increasing threats in the digital world. In this year of fighting against the threats brought by artificial intelligence, cyber criminals have made their attack methods more effective by taking advantage of developing technologies.
It has been accepted by experts that developing technologies will pose a threat to cyber security in 2025, as in 2024. With the developments in artificial intelligence, quantum computers, IoT devices and cloud technologies, the cost of cyber attacks is expected to reach 12 trillion dollars worldwide in 2025.
5 that will stand out in 2025 cyber security threat
1. The Great Danger Emerging from Quantum Computer: Researchers at Shanghai University in China claim to have found a way to break the most common online encryption method using quantum computers of just 372 qubits.
This effectively demonstrates that advances in niche quantum methods can pose small-scale cryptographic risks, highlighting a gradual progression towards large-scale quantum threats. Experts predict that quantum computers could be powerful enough to break current encryption methods as early as 2025. That’s why it’s critical for organizations to move to encryption methods that can resist quantum decryption before it’s too late.
2. Artificial Intelligence Supported Cyber Attacks: In 2024, attacks powered by artificial intelligence were seen to be effective, especially through methods such as social engineering, phishing, and deepfake. AI-enabled social engineering attacks accounted for 35-37% of all cyber attacks, and this proportion is expected to increase further in 2025.
In addition, attackers, who used natural language processing technology offered by artificial intelligence to make phishing emails more believable, managed to deceive 60% of target users, and the average cost of these attacks for businesses was recorded as 4.88 million dollars.
We predict that in 2025, in addition to the increase in all these attack methods, automatic tools that can exploit security vulnerabilities in real time will be effective in artificial intelligence-oriented cyber attacks.
3. Internet of Things (Iot) and Cloud Security: The development of IoT devices and the transition of businesses to cloud platforms will also increase cyber risks. Attacks on these devices increased by 35% in 2024. On the cloud security side, misconfigurations continued to be the main cause of cyber attacks in 2024. According to research, 83% of organizations report that weaknesses in authentication and access management are a factor in cloud data breaches.
It is predicted that by 2025, more than 90% of companies will use more than one cloud platform and the number of IoT devices will exceed 32 billion. Since many IoT devices, such as smart home technology and sensors, do not meet appropriate security measures, the increase in the number of devices makes them an easy target.
4. Digital Asset Security and Cryptocurrency Thefts: In 2024, digital asset security and cryptocurrency thefts continued to be an important target of cybercrime. In the first half of the year, losses from cryptocurrency thefts reached approximately $1.4 billion. In the second quarter in particular, losses exceeded $600 million, a 100% increase compared to the previous year.
In 2025, as the cryptocurrency market grows further, digital wallets and decentralized finance (DeFi) platforms will be at the forefront among the targets of cybercriminals. “Phishing” attacks and smart contract vulnerabilities, especially against wallets, can cause serious financial losses for individuals and institutions.
5. Cyber Threats on Social Media: Social media platforms will continue to be a major ground for phishing attacks and data leaks. According to Meta’s 2024 security report, such attacks increased by 28% compared to last year.
It is estimated that in 2025, methods such as deeply personalized phishing attacks, artificial intelligence-supported fake profiles and deepfake videos will be used more frequently. Cybersecurity teams will also increasingly rely on AI-powered tools to detect and counter these threats. Individuals and organizations that do not take sufficient cyber security precautions and do not gain awareness against these threats may face serious risks.
Security
Young Hacker Caused Millions of Dollars of Damage
With the advancement of technology, cyber crimes have become increasingly common. It is stated that a 19-year-old young hacker hacked telecom networks and caused damage of 4 million dollars.
With the advancement of technology, cyber crimes have become increasingly common. It is stated that a 19-year-old young hacker hacked telecom networks and caused damage of 4 million dollars.
19-year-old young hacker named Remington Ogletree, hacker He is accused of being affiliated with the Scattered Spider group, exploiting security vulnerabilities, carrying out extensive phishing activities and gaining unauthorized access. According to court records shared by Bloomberg, Ogletree breached the security of two telecom companies, sent phishing links to millions of users and tried to steal large amounts of cryptocurrency from users.
The mentioned hacking incidents took place in October 2023. However, authorities have just announced the developments to raise awareness about potential fraud and cybercrime activities. It is stated that Remington Ogletree sent a total of 8.5 million text messages to users.
The mentioned crimes were not limited to telecom companies. Ogletree’s actions extend to US financial institutions. Because the young hacker managed to deceive 12 employees, obtain sensitive information and access accounts. This is not the first time such cyber crimes have made headlines. Other incidents caused by hackers have also been brought up before.
While Ogletree’s case continues, the events revealed the security vulnerabilities of the telecom industry and what could happen if the necessary precautions are not taken. The names of the hacked telecom companies were not disclosed.
-
Artificial Intelligence2 weeks ago
Apple Settled the Siri Lawsuit Filed Against It for $95 Million
-
Gaming2 weeks ago
Are Half-Life 3 Dreams Finally Come True?
-
Mobile2 weeks ago
Xiaomi 16 Comes with Major Camera Upgrade
-
Mobile2 weeks ago
What are the screen features of iPhone 17
-
Mobile2 weeks ago
Price, Processor and Battery Dimensions of Poco X7 Pro Officially Announced
-
Wearable Technology2 weeks ago
TOZO Announces New Premium Headphone Golden X2 Pro Ahead of CES
-
Mobile2 weeks ago
Galaxy S25 Series Will Come with Free Gemini Subscription and Car Crash Detection
-
Mobile2 weeks ago
Galaxy Z Flip FE May Appear as a Budget-Friendly Device