Today's Edition
By Dr. Mohamed Al Kuwaiti*
Smartphones and tablets have evolved into powerful tools in both daily and professional life. With the near-total reliance on Smart devices and smartphones across all aspects of modern living and work, there has been a troubling surge in the volume of malware targeting mobile devices. These malicious programmes are designed to exploit users, steal their data, or disrupt their devices.
The threat of cyber-attacks against mobile phones has become a tangible reality, as studies indicate that the vast majority of smartphones are vulnerable to at least one critical security flaw, and up to 95% of them can be compromised through a single text message, especially when users neglect the security of their phones and installed applications.
There are many types of mobile malware, with banking-related threats being the most widespread. Attackers aim to infiltrate the bank accounts of users who conduct financial transactions via their smartphones.
Ransomware has also emerged, encrypting users’ files and demanding payment for decryption, exploiting the advanced capabilities of modern devices and unprotected networks.
Spyware, on the other hand, monitors user activity and steals sensitive data such as passwords and location information without the user’s knowledge, often hidden within seemingly safe or useful applications.
The threats do not stop there. In some cases, attackers exploit vulnerabilities in messaging systems to spread malware without the user’s awareness. Trojan horses are also common, infecting devices through text messages and sending premium-rate messages to generate illicit profits at the expense of victims.
In addition, adware has evolved beyond merely displaying annoying pop-ups; it can now install hidden software that grants attackers full control over the victim’s device.
Experts warn that installing large numbers of unnecessary applications, especially from unofficial sources, degrades phone performance and drains the battery, as many of these apps run continuously in the background. Users often underestimate how much data these apps can access.
Some apps request permissions unrelated to their function, for example, a flashlight app asking to access contacts. This poses a serious risk, as personal data could be leaked to third parties who may exploit it for fraudulent activities or targeted phishing campaigns.
Studies show significant differences among operating systems regarding permissions. Android users typically grant all permissions at once during installation, whereas IOS allows users to manage each permission individually. However, some Android app developers bypass these restrictions to collect data even when permissions are denied, further increasing the risks associated with using unverified applications.
For this reason, experts recommend downloading apps only from official stores such as Google Play or the App Store, and regularly reviewing the permissions granted to each application.
To enhance digital security, users should regularly clean their phones of unused applications to minimise risks and maintain performance. Experts advise conducting a monthly review of installed apps, deleting unnecessary ones, organising apps into folders, and disabling irrelevant notifications.
Additionally, users should connect only to secure Wi-Fi networks, avoid opening unknown links or attachments in emails, and install reputable antivirus software with frequent updates.
The growing wave of digital threats targeting mobile devices demands heightened security awareness among users and a deeper understanding of the risks that can compromise smart devices—especially as dependence on smartphones for daily transactions continues to grow.
Therefore, adhering to preventive practices and downloading only trusted applications are crucial steps to safeguard privacy and protect personal data in an era of accelerating cyber-attacks.
* The writer is Head of Cybersecurity Council for UAE Government
