July 23, 2014

Lookout releases State of Mobile Security 2012 report

lookout_720w

Lookout Mobile Security has released its latest State of Mobile Security report which looks at the various threats that face mobile users.  Not only do we learn what the threats are but we’re also given insight into the various markets which are most often affected.  Spoiler alert: Toll fraud is fast becoming the preferred way of messing up your day – and bank account.

Depending on how you perceive mobile threats, this can be either an eye opening experience or another list of hooey designed to sell a product.  As for us, we prefer to error on the side of judgement so we’ll go ahead and share the details.

Key findings in State of Mobile Security 2012:

  • Mobile malware is a profitable business. The mobile malware industry has matured and become a viable business model for attackers.
  • One type of Malware designed for profit — Toll Fraud — is the most prevalent type of malware.   Primarily impacting Eastern Europe and Russia, Toll Fraud has successfully stolen millions from consumers.
  • As the mobile industry evolves so do mobile threats. Fraudsters are tampering with legitimate mobile tools and advertising systems to achieve broader distribution and make more money.
  • Mobile privacy is a growing issue. Five percent of free Android mobile applications contain one or more aggressive ad networks, which can access personal information or display confusing ads. In addition, a number of high—profile iOS applications raised red flags about privacy issues this year.
  • The likelihood of encountering mobile malware greatly depends on your geographic location. Android malware likelihood is much higher in Russia, Ukraine and China than elsewhere.
  • Mobile malware distribution techniques are diversifying. Attackers are using a combination of new and existing distribution techniques, including email spam, hacked websites that enable drive-by-downloads, and affiliate-based marketing.

Remember kids, there’s nothing out there that will protect you 100% of the time against 100% of the threats.  Unless you are simply not powering your handset on, there’s always a risk that you could encounter something goofy.  Lookout, like other players in this field, want to ensure your Android experience is an enjoyable one, with peace of mind and double rainbows.

We say this all the time, be careful where you visit with your phone and watch what you are clicking on.  If you are about to do download an app, do a bit of research, especially if it’s outside of the Google Play Store, Amazon, or Getjar.  Read reviews, check blogs, and watch your backside.

Lookout’s State of Mobile Security Identifies Malware Designed for Profit and
Privacy as 2012 Growth Areas

Lookout’s report exposes drivers for encountering malware, new malware distribution methods,
profit-making schemes and privacy threats

San Francisco, CA — September 6, 2012 — Lookout Inc., the leading mobile security company,
today shared its State of Mobile Security Report 2012. In the report, Lookout explains the issues
that individuals faced on mobile devices this year and explores the prominent trends in mobile
threats. The report takes a holistic view of the mobile threat landscape, providing important
context on an individuals’ likelihood of encountering threats and analyzing the factors that have
advanced the malware industry in 2012. The findings are based on information from Lookout’s
Mobile Threat Network, which includes threat data collected from more than one million apps
and millions of devices worldwide.

The key findings from the State of Mobile Security 2012 report are:

Mobile malware has now become a profitable industry. Because of its global ubiquity as a
phone payment mechanism, premium text billing is the most common tactic used by malware
writers to commit financial fraud on mobile. This class of malware, termed “Toll Fraud,” has
become the most prevalent type of malware within the past year. Just one family of Toll Fraud
malware, FakeInst, accounted for 82 percent of Lookout user detections in June 2012 and is
estimated to have successfully stolen millions of dollars from people in Russia, the Middle
Eastand parts of Europe.

Mobile privacy is a growing issue. Privacy is one of the biggest issues people face on mobile
devices. In 2012, a significant portion of privacy problems arose from aggressive advertising
techniques, including pushing out-of-app ads and accessing personally identifiable information
without user notification. Lookout estimates that five percent of Android applications include
these aggressive ad networks and these apps have been downloaded more than 80 million
times.

Geography and user behavior are main drivers for encountering threats. People in Russia,
Ukraine and China have a significantly higher likelihood of encountering malware than
elsewhere. User behavior is the other leading factor; people who download apps outside of a
trusted source, like Google Play, have a higher chance of encountering malware.

Visiting unsafe links from a mobile device is one of the most common ways people encounter
mobile threats. Web-based threats like phishing are often able to target both traditional PC
users and mobile users equally, making these schemes easy for malware writers to produce and
replicate. Lookout’s detected that four out of ten mobile users click on an unsafe link over the
course of a year.

Gaming the app ecosystem. Lookout observed malware designed to enable shady app
promoters to conduct download fraud. These malware families primarily affected users in China.
In the past year, Lookout discovered malware capable of automatically downloading apps from
alternative app market sources without the user’s knowledge, rooting the phone to download
additional apps without warning, or installing third-party app stores.

“Trust is one of the most important factors influencing whether people will continue to use
mobile devices to their full potential,” said Kevin Mahaffey, CTO and co-founder of Lookout. “As
smartphones and tablets have come to house our personal data, access financial information,
and power practically all of our communications, there are more incentives for attackers to
strike. Our mission is to identify and solve emerging threats so people around the world can
continue to trust their mobile devices”

Read or download the complete State of Mobile Security 2012 report on the Lookout website.

How to stay safe on mobile

  • Use caution when downloading apps. Only download apps from trusted sources like Google Play and the App Store. Read user reviews and verify the developer is trusted. Be wary of apps that promise a paid app for free.
  • Check for suspicious activity. Review your phone bill regularly to confirm you haven’t been charged. Unusual charges could be a sign that your phone is infected, the result of premium SMS fraud.
  • Use caution when surfing the web. Pay close attention to the address when you click on a web link; make sure it matches the web site it claims to be.
  • Guard against malware. Download a mobile security app for your phone, like Lookout, that scans for malware, spyware, and other viruses.

About Lookout
Lookout is a mobile security company dedicated to making the mobile experience safe for
everyone. Lookout delivers award-winning protection from the growing threats facing mobile
users today, including malware, phishing, privacy violations, data loss, and loss of the phone
itself. More than 25 million individuals across 400 mobile networks in 170 countries use Lookout
to protect their mobile devices. The company is recognized by World Economic Forum as a
Technology Pioneer for its global technology leadership. Headquartered in San Francisco,
Lookout is funded by Accel Partners, Andreessen Horowitz, Index Ventures, Khosla Ventures
and Trilogy Equity Partners. For more information and to download Lookout, please visit
mylookout.com.