Businesses must take responsibility for mobile security, when users fail

New RiskIQ report says many mobile users in the UK and US are reckless with their mobile devices.

Mobile users frequently stray from official app stores when looking for new mobile applications, putting themselves under increased risk from malware, ransomware and other malicious actors. This is according to a new report by RiskIQ, which says that users in the UK are a bit more 'conservative', and a bit more on the safe side, compared to mobile users in the US. 

The report, entitled “Appsession: Is our appetite for mobile apps putting us at risk?” is based on a poll of 2,000 mobile users – 1,000 in the UK, and another 1,000 in the US. 

It says that 14 per cent of users jailbreak their mobile devices to modify their operating systems, to use other service providers, and to download apps that they otherwise wouldn’t be able to use.

However, it’s exactly this jailbreaking that’s causing trouble:

“While modifying a phone can allow more choice for the user, it also bypasses many of the security mechanisms put in place by carriers and official app stores,” the report claims. “Staying safe requires heightened security awareness on the part of the user.”

Even though the majority looks for new apps in official stores, web, email or social media (44 per cent) are also a huge influence. More than half (55 per cent) of survey respondents click on ads promoting apps, 48 per cent click links in emails. More than half (54 per cent) don’t read the app’s Terms and Conditions.

Users in the UK seem to be more on the safe side, compared to those in the US. The report says that 36 per cent of UK users use smartphones for work, compared to 45 per cent in the US. Seven per cent have jailbroken their devices, compared to 20 per cent in the US, and UK users have less social media apps on their phones (76 per cent vs 84 per cent). 

“With so many careless users and users lacking mobile security acumen, businesses must take it upon themselves to fight the mobile threat actors fraudulently leveraging their brand,” the report concludes. “Mobile threat actors developing and hijacking fraudulent and unauthorized apps designed to divert users, distribute malware, and steal customer or company data is a critical security issue that affects almost every organization. A data centre-centric, layered security approach needs to be augmented with solutions that monitor your mobile attack surface so they can see it from the outside in—the same way their customers and attackers see it.”

Image source: Shutterstock/Chinnapong