What are the security problems of mobile phones?

Abstract: While smart phones bring convenience to people, there are also many security loopholes that threaten the security of personal information. What are the hidden dangers of mobile phone security? Below, I will take stock of several common mobile phone security issues for you.

What are the security issues of smart phones?

phishing

Phishing means that criminals send a large number of deceptive spam messages or short messages or instant messaging messages claiming to come from banks or other well-known institutions, to lure the recipients to provide sensitive information (such as user name, password, account ID or credit card details), and then use these information to impersonate the victims to conduct fraudulent financial transactions, so as to obtain economic benefits.

Trojan horse virus

Trojan horse is a hacker tool based on remote control. It is usually disguised as a software package, compressed files, pictures, videos and other forms, and lures users to download and install through web pages, emails and other channels. If users open this kind of Trojan horse program, their computers or mobile phones and other electronic devices will be controlled by criminals who write Trojan horse programs, thus causing harm such as information files being modified or stolen and funds in electronic accounts being stolen.

Pseudo base station

Pseudo base stations generally consist of a host computer and a laptop computer. Through the pseudo base station, criminals can search for mobile phone card information in a certain range around the equipment, and pretend to be the operator's base station, pretending to be any mobile phone number, and forcibly sending short messages such as fraud and advertisements to the user's mobile phone.

information disclosure

At present, some small and medium-sized websites have weak security protection ability and are vulnerable to hacker attacks, so many registered users' usernames and passwords are leaked. However, if the user's payment account is set with the same user name and password, it will be easily stolen.

Decompilation modification

APP is equivalent to installing a set of software on the user's mobile phone, which cannot be self-contained. It must call the interface of the server to obtain data before it can be displayed on the mobile phone. Users who have installed the APP have the opportunity to decompile and modify it, so as to deeply study and understand the business logic of the system and obtain any data of the server at will. But the program files of B/S architecture are all installed on the server, and the client can't get any code. The server is protected by firewall, intrusion prevention and other software and hardware security measures, so it is impossible for ordinary users to get several system program files. From this perspective alone, APP applications have no security at all.

Illegal software intrusion

Because mobile phones belong to individuals and are networked, various illegal software may be installed unconsciously in the process of browsing the web and downloading applications. Some unscrupulous manufacturers automatically implant their backdoor software in the background during the process of installing mobile phone applications. These softwares steal eavesdropping data unconsciously in the background, and users may have obtained, analyzed and used these data without knowing it.

Man-made malicious theft of data

Many people in the unit, especially the leaders, are not familiar with complicated installation and configuration operations such as andriod and ios, and often need system administrators or other skilled people to assist them in installation and configuration. If the system administrator is out of his mind and quietly installs eavesdropping or Trojan software on his mobile phone, then the phone number of this leader and the work approval they handle will be illegally obtained in the future, and his personal and even the whole unit will have great security risks.

The security and confidentiality of data are not guaranteed.

People are generally used to setting up automatic login when using mobile APP applications, so that once the mobile phone is used or lost by others, the internal data or confidential information of the office system will undoubtedly be leaked.

The spread of confidential information in this unit is uncontrollable.

Because the mobile phone is mobile, the communication signal is very unstable. All mobile APP applications will generally download system data to the mobile device for storage, so as to realize the continuity of the system. In this way, documents, materials, approvals, etc. , can only be circulated within the unit, and may spread to any place because of mobile phones, posing a threat to the information security within the unit.

The technology accumulation of smartphone operating system is not enough, and there are many loopholes in the system.

Smartphone operating system is full of loopholes. Therefore, mainstream operating systems such as andriod and ios will launch a big version upgrade plan in less than one year, and mobile apps generally cannot be modified and updated in time. If there are security loopholes, it will cause losses to the company's information security.