CNet reported this morning research from a security company called Lookout, that Android users are more than twice as likely to see malware now than they were only six months ago. Mobile users also have a 30 percent chance of clicking on a malicious link.
Malicious mobile attacks come in several varieties including OS-specific software and phishing attacks. Phishing attacks, where the villans send emails claiming to be from trusted sources like your bank, eBay or PayPal warning of some problem requiring immediate response and providing a link for your convenience. Clicking on the link directs the unsuspecting user to a website where they enter their account number, ID and password which of course is recorded and used to steal from the victim’s account. Phishing attacks are device independent since any browser and email-enabled device is vulnerable.
Android users are particularly vulnerable to Android-specific malicious apps. Since the standard to get on the Android Marketplace is so low, and with a wide-open operating system with few security hygene safeguards (Apple’s iOS prevents one app from interfering with another and every app is tested by Apple BEFORE it gets in the App Store), the Android system is a security disaster.
In only the first half of 2011, an estimated 0.5 million Android users were affected by the 350 new Android-specific malware apps released in the Marketplace. Of course, nobody markets their app as malware. They position it as a game, an important security utility or the like and do their nasty work when the user least expects it.
More recently, some developers release a benign app in the Android Marketplace and then add in the malware as an update, once a sufficiently large community of users has developed and instantly infect thousands or millions of Android users.