With 3.8 million cyber-crime offences[1] reported in the UK last year, cyber criminals are capitalising on consumers poor security awareness. Despite the prevalence of malvertising as an attack vector, RiskIQs survey found that 45 per cent have clicked on an advertisement promoting a mobile app, movie or game. This is followed by over a third (37 per cent) who have clicked on a link in an email, website or social media feed to download an app, movie or game. Consumers propensity to click through without thoroughly inspecting details such as the developer, last version update and any reviews, increases their risk of downloading counterfeit or malicious apps. Alarmingly, on more than one occasion, one in ten (12 per cent) have mistakenly installed an app in the belief that it originated from a trusted source later to find out this was not the case.
Colin Verrall, VP EMEA, RiskIQ comments, Unlike businesses that are becoming increasingly mobile security savvy, many consumers remain unaware and vulnerable. Given the volume of personal information being requested and shared through mobile applications, the need for better mobile security awareness has never been greater.
Generational and gender differences in mobile app and security behaviours are also apparent:
Generational differences Millennials more vulnerable
- Millennials are guilty of clicking before thinking, 14 per cent have mistakenly installed an app they believed was from a trusted brand. In comparison, seniors (60+) have never or rarely done so
- 13 per cent of millennials have jailbroken their phones, citing the freedom to download and install what they want as the biggest factor (73 per cent). Almost none of the seniors had done so, while 10 percent of Gen Xers and 3 per cent of baby boomers have
- Over half of millennials (56 per cent) have clicked on an ad on their mobile promoting a mobile app, movie or game compared to 51 per cent of Gen Xers, 38 per cent of baby boomers and 25 per cent of seniors
Women at greater risk
- A quarter of women (26 per cent) never read a mobile apps data and privacy policy or review permissions requested compared to 17 per cent of men
- Women are less likely to install additional security software on their mobile phones (39 per cent) compared to more than half of male respondents (53 per cent)
- Women (28 per cent) are less likely to consider security features when buying a new phone versus 39 per cent of men
The vastness of the app store ecosystem provides the perfect place for malicious actors to hide, luring consumers into believing their apps are official or their brand affiliation is legitimate. RiskIQ works with many major organisations to police their apps and brands across hundreds of different app stores but its no replacement for consumer vigilance. With the number of blacklisted apps** doubling between 2015 and 2016, its time for consumers to up their security awareness game, concludes Verrall.
[1] Office of National Statistics, Crime Survey of England and Wales, July to June 2016