External Threat Management

Why Mobile User Behavior is Putting Businesses at Risk

Mobile apps are the front lines of the global battle against mobile threat actors. The ubiquitousness of mobile apps across mobile devices and the relative ease at which they can be built, copied, or compromised makes them a frequent target for cybercrime—and the current state of mobile user behavior isn't helping.

With millions of apps to choose from across app stores all over the world, malicious apps can easily blend in with their benevolent lookalikes. According to App Annie’s Retrospective 2016 report, there were 90 billion mobile apps worldwide last year, representing 15 percent growth over the prior year. And, unfortunately, it's not just the cyber security-conscious set who download mobile apps: eMarketer estimated that roughly 98% of US smartphone and tablet app users ages 14 and up would install at least one app in 2016, a wide range of users that’s only growing wider. By 2020, eMarketer projects the number of smartphone and tablet app installers will reach 219.9 million and 144.2 million respectively, up from nearly 185 million and 126 million in 2016.

The risks are real: of RiskIQ's Global Mobile Database, nearly five percent are blacklisted as malicious or fraudulent. Recently, RiskIQ research* found one in 10 mobile apps out of the 5,315 related to Black Friday in global app stores is blacklisted (unsafe to use) as malicious in our Black Friday eCommerce Blacklist Report, as well as hundreds of fake apps related to romance and dating in our Valentine’s Day Mobile Dating App report.

To better understand the inconsistent mobile safety practices among these consumers at risk of being targeted by cyber threat actors on their mobile devices, RiskIQ commissioned Ginger Comms to survey 1,000 U.S. and 1,000 U.K consumers aged 16 to 60+, specifically focusing on smartphone and mobile app usage. The survey was conducted during February and March 2017. The resulting report shows that over half of all respondents regularly display behaviors that put themselves at risk:

  • 55% click on ads promoting apps and 48% click on links in emails, mobile web and social media promoting apps: When users stray from the primary app store environment (Google Play, Apple App Store, Windows Store, etc.) to look for new apps or as a result of clicking on links promoting apps, the risk of downloading counterfeit or compromised apps increases.
  • 40% rarely or never check the app details before downloading, and 54% rarely or never inspect the T&C’s or permissions being requested during app: Applications that ask for suspicious permissions, like access to contacts, text messages, administrative features, stored passwords, or credit card are usually up to no good. Also, if the developer isn’t related to the app’s brand or has a strange appearance or spelling, especially if it’s leveraging a free email service, there is an elevated risk of the app being fraudulent.

Examples of Suspicious Apps:

Mobile is a frequent attack vector for cyber criminals and, unfortunately, the current state of mobile user behavior isn

Mobile is a frequent attack vector for cyber criminals and, unfortunately, the current state of mobile user behavior isn

  • 14% of respondents have jailbroken or routed their phone: While modifying a phone can allow more choice for the user, it also bypasses many of the cyber security mechanisms put in place by carriers and official app stores.

With so many careless users and users lacking mobile cyber security acumen, businesses must take it upon themselves to fight the mobile cyber threat actors fraudulently leveraging their brand. Mobile cyber threat actors develop and highjack fraudulent and unauthorized apps designed to divert users, distribute malware, and steal customer or company data are a critical cyber security issue that affects almost every organization.

For an in-depth analysis of mobile behavior, download Appsession: Is our Appetite for Mobile Apps Putting us at Risk?, a RiskIQ Mobile Consumer Report here. Find out more about how RiskIQ can help you protect your mobile presence here.

*The source of RiskIQ’s Blacklists is our collection of internet data, which our collection architecture of virtual users gathers by scanning, crawling, and passive-sensing the internet—including web pages, mobile apps and stores, and a variety of social websites and apps. RiskIQ’s crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, 783 global locations across more than 100 countries, 16 million mobile apps, and 300 million domain records.

Subscribe to Our Newsletter

Subscribe to the RiskIQ newsletter to stay up-to-date on our latest content, headlines, research, events, and more.

Base Editor