Using a mobile VPN is not just for users trying to hide their activity from prying eyes. A Mobile VPN is essential if you ever use public WiFi. For those of us with smartphones that’s pretty much of all us.
Hackers target the users of public WiFi. They can be hanging around in the same area, using the same internet access point, waiting for a chance to breach your security. If they do they can get away with your personal details, your personal banking security details, or even your Bitcoin wallet addresses and passwords.
This type of attack is called a “man-in-the-middle-attack” (MITM) and is where the hacker can exploit network vulnerabilities to intercept the data you are sending using public WiFi. Don’t forget that any information you enter on a website is data that is sent over the WiFi network you are using.
Using a VPN means your activity and personal data is encrypted on its journey from your device to the web, which can help to protect you from cyber criminals.
Increasingly more security breaches and incidences of hacking are mobile device related.
#1 61% of Transactions Occur on a Mobile Device
The very latest research in the H2 2018 Cybercrime Report, according to Infosecurity, found that 61% of 17 billion online transactions and payments were made using a mobile device. These transactions include online banking activity and online shopping but also account creation and website logins. Hackers and illicit actors realize this and are targeting mobile users who often employ less security on their smartphones than is used on their desktops and laptops.
“We have seen a growth in mobile attack volume, and it is definitely one to watch over the next year. If we look at mobile banking or payments, this is where the transaction patterns are going, and attackers are heading in the same direction.” Rebekah Moody, LexisNexis Risk Solutions.
#2 There Were 150 Million Attacks on Mobile Devices in the First Half of 2018
ThreatMetrix and LexisNexis analyzed 17.6 billion digital transactions for the first half of 2018 and found 150 million incidences of mobile fraud or attacks on mobile devices. This was an increase of 24% on the previous year.
24 million of these attacks were connected with mobile transactions to financial institutions – that’s your online banking.
#3 Mobile Attack Rates Increased by 44% in the US
The same report found that attacks on mobile devices were up 44% in the US, much higher than the rate of increase of 24% for the rest of the globe.
“Mobile is quickly becoming the predominant way people access online goods and services, and as a result organizations need to anticipate that the barrage of mobile attacks will only increase.” Alisdair Faulkner, LexisNexis Risk Solutions.
#4 92% of Mobile Public WiFi Users Ignore Security Warnings from Their Phones
According to CNBC and Adi Sharabani of Skycure mobile WiFi users are so keen to access free networks they ignore key messages giving notification that a WiFi point’s server cannot be verified. 92% of people simply click “continue.”
“Your phone actually has a lot of really good built in technology to warn you when you are going to make a poor security decision. And what we found through our general penetration testing practice and talking to some of our customers is people are very conditioned to just click through whatever warnings it is because they want the content.” Alex McGeorge. Immunity, Inc.
#5 Mobile Application Fraud Increased 600% in the Three Years to 2018
A Dell subsidiary, RSA, published its Q1 2018 Fraud Report which identified that fraudulent transactions originating from mobile applications had increased by 600% in three years. From just 5% in 2015 to 39% in 2018.
“It is clear the mobile channel is still more vulnerable to fraud and requires better protection.” RSA.
The types of fraud at play could include bad actors using stolen identities, fraudulent transactions from new accounts, and new devices but also:
“The highest volume of fraud, or 34% of total value, originates from a known/trusted account and device, which suggests that there is a high likelihood that these devices may be infected with financial malware capable of performing man-in-the-middle account takeover attacks.” RSA.
Malware and phishing are common attack vectors for mobiles. Though not all these methods are initiated by hackers taking advantage of vulnerabilities in public WiFi, mobile users are at risk from all kinds of attack. VPNs can form part of a wider strategy that internet users can employ to protect online privacy
It’s worth remembering not just any VPN software will work on a mobile or tablet. VPNs for PCs and laptops aren’t tailored to problems with mobile communications, like moving between networks and coverage gaps, or the limited technical specifications of mobiles, like processing power.
Learn: What is a VPN
You may need a different solution for Android or iOS, but some VPN providers offer PC, mobile, and multi-device packages. ZDNet recommends choosing a VPN that supports 128-bit encryption and anonymous DNS servers, while not logging connections and browsing history.
“Australia’s Commonwealth Scientific and Industrial Research Organization (CSIRO) recently found 18 percent of 283 tested Android VPNs didn’t encrypt traffic in their tunnels. Worse still, “75 percent of them use third-party tracking libraries and 82 percent request permissions to access sensitive resources including user accounts and text messages.” ZDNet.
As with choosing any VPN, do your research. Some are untrustworthy, others do collect data. Many experts recommend only choosing a paid VPN provider rather than a free one and ensuring you understand exactly what they do to both to protect your information, and with your information. Even paid VPN services can be questionable so look for recommendations and good reviews.