Security firm MacAfee says Canada

NFC, drive-by attacks poised for growth: McAfee

Businesses employing bring-your-own-device programs and individual users are likely to face greater mobile security risks as cyber criminals home in on the growing mobile adoption in Canada, according to security software firm McAfee.

A study commissioned by the company points to an increasing number of mobile-based attacks coinciding with the rising preference of using mobile devices over PCs to access the Internet.

The number of people using PCs to go online will shrink by 15 million over the next four years while the number of mobile users will increase by 91 million over the same period, according to a recent study by analyst firm IDC.

Mobile platforms have become increasingly attractive to cybercriminals as more people “live their digital lives on smart phones and tablets,” according to the McAfee report which focused on Canadian online and mobile habits and concerns.

No less than 85 per cent of Canadians own and use at least one smart phone or tablet and 92 per cent of Canadians believe there is at least “a little risk” to personal identity when using a mobile device. Fifty two per cent said there is a great or moderate amount of risk involved in using mobile devices while 82 per cent of smart phone and tablet users indicated they were concerned their personal informal could be stolen while using a mobile app.

McAfee Labs said that even trusted mobile app sources such as Google Play pose a risk. As much as 75 per cent of malware-infected apps downloaded by McAfee Mobile Security users were housed in the Google Play store.

The average mobile user has one in six chance of downloading a risky app and nearly 25 per cent of risky apps. This includes getting infected via drive-by downloads, when a user visits a hacked Web site that transfers a malware to their mobile device. McAfee expects instances of mobile drive-by downloads to increase in 2013.

These apps can:
-Steal personal information such as banking, email or wireless account details
-Be used in fraud such as SMS scams that will charge users for unapproved premium text messages
-Turn mobile devices into remotely controlled parts of a botnet.

RELATED CONTENT

Analysis: Reducing BYOD risks
Visa gives nod to RIM NFC
Hacked Web sites deliver Android malware for first time

McAfee also warned that growing emergence of near field communication (NFC) technology on smart phones will likely be used as vectors by cyber criminals.

For instance the tap-and-pay feature of NFC technology which is now being used for mobile payments and digital wallet services can be used to propagate malware among a large group of mobile users.

“When a newly infected device is used to tap-and-pay for the next purchase, the scammer collects the details of the wallet account and secretly uses these credentials to steal from the wallet,” the report said.

Related Download
Cisco Secure Mobility Knowledge Hub Sponsor: Cisco
Cisco Secure Mobility Knowledge Hub
This Knowledge Hub provides an end-to-end look at what it takes to discover, plan, and implement a successful Secure Mobility strategy.
Learn More
Share on LinkedIn Share with Google+ Comment on this article