Tablets and smartphones are like the digital gateways to a cyber universe where people share information and consumers engage with online businesses. With the single swipe of a tablet and click on a smartphone, you can connect with others, publish content and offer products and services. Digital spaces are the online marketplaces for exchanging products, services, and information, while mobile devices are the keys that provide the 24/7 access. Mobile devices haven’t just changed how we communicate. These technologies have revolutionized how we consume content and engage in commerce.
More than 1.2 billion people access the Web from their mobile devices and consume an average of 1.8 hours a day of media from those mobile devices, according to an infographic by AF-Studio.pl and Super Monitoring. Among these mobile users, 80 percent of consumers planned to shop online within the year, as of October 2013. The average American also spends about two hours a day on a mobile device, which equates to about 2,387 days in a lifetime. This means the average person will spend nearly 6.5 years on their iPhone or iPad throughout their life (possibly reading your blog or shopping on your site).
For bloggers and online business owners who want to attract audiences and customers, content needs to be mobile—easily accessible, readily available, and safe. Not only does your blog or e-commerce site need to be mobile-friendly, they need to be free of various security vulnerabilities and risks.
Blogging Security Threats
Evernote’s Pocket saves inspirational articles and videos to your tablet for postponed reading. OneNote serves as a writer’s digital notebook for note taking and adding pictures using your phone. The WordPress app edits and publishes blog posts—all from your tablet or laptop that never leaves your side. Bloggers can research, write, post, and share content from anywhere, anytime, and on any type of mobile device. While using the Internet or sharing information on the Web in a public space, you’re always open to security threats. Most obviously, your mobile device can be lost and stolen, exposing your personal content and sensitive information. Security technology company Lookout.com further breaks down mobile security threats into application, Web services and network risks.
- Downloading a fraudulent app could infect your mobile device with malware, spyware and vulnerable apps. Malware is malicious software that can make unauthorized charges and send unsolicited messages. Spyware steals private data, such as user location and browser history, for identity theft and fraud. Flawed apps can also provide vulnerabilities for an attacker to obtain sensitive information or perform harmful actions.
- With an Internet connection, your mobile device is susceptible to Web-based threats. A phishing scam is when an email, text or Facebook message includes a fake link to a website to trick you into providing a password or account info. Drive-by downloads will automatically download an application from a Web page, with or without your permission. Unsafe mobile Web browsers can also trigger a browser exploit that installs malicious software or performs harmful actions.
- Cellular and local wireless networks, such as Wi-Fi and Bluetooth, can be vulnerable to network exploits and Wi-Fi sniffing. An insecure mobile operating system can encounter a network exploit that installs malware. Wi-Fi sniffing is when unencrypted data is sent across the network. A hacker can read this data and use it to their advantage.
Protect your mobile devices from these threats with the following security basics:
- Never install an app from an unknown source. Disable any “unknown sources” box on your phone to prevent an inadvertent destructive installation.
- Download apps from Google Play and iTunes. Check ratings, reviews, permissions, updates, and the number of downloads.
- Monitor identity theft threats. A 2013 Identity Fraud Report by Javelin Strategy & Research found that in 2012, there was an identity theft victim every three seconds in the U.S. (a total of 12.6 million consumers), as Pinow published. Visit secure websites that have an “https://” in the address bar.
- Be aware of imposter websites and cautious while sharing valuable information. Ensure any data you send is encrypted, and furthermore, monitor your personal information with a reliable identity theft protection service.
- Ignore unrecognizable emails, texts and messages with links that are scams in disguise.
- Encrypt your data backups and file syncing to prevent access from third parties.
- Use a Virtual Private Network (VPN) while using public Wi-Fi for safe data transmitting.
- Install an anti-malware and virus protection solution. Malwarebytes Anti-Malware Mobile is an Android mobile security app that can detect and eliminate malware, scan for security vulnerabilities, and protect personal data from unauthorized access.
E-commerce Security Threats
Sure, e-commerce sites don’t experience the threat of shoplifting, but online merchants do experience threats of security breaches and data leakages. Whether you run a blog or online business, security risks can dismantle your livelihood. Ilia Kolochenko, CEO at High-Tech Bridge and Help Net Security contributor, identifies three types of attacks: targeted, semi-targeted and untargeted attacks.
- In a targeted attack, a hacker’s main objective is your e-commerce site and to break into your technical infrastructure.
- In a semi-targeted attack, you’re one of many vulnerable victims whose Web server is shared by the same host. Hackers are efficient, “compromising the weakest link in the security perimeter,” explains Kolochenko on Net-Security.org. Hackers will even break into a user account on your site and collect credentials in plaintext, subsequently, compromising your security. Thereafter, a hacker could expose confidential customer information and delete databases.
- In an untargeted attack, a hacker focuses on victims in large quantities. They troll around, crawling Google bots to find Web application software that’s outdated or weak. While hacking into your website and stealing your databases, a hacker may also infect your site with malware.
Explore your website’s security measures to see if there are loopholes and vulnerabilities. Kolochenko recommends the following hacking prevention tips:
- Replace default or weak passwords with strong and unique passwords that provide trustworthy access to admin panels.
- Use an updated, open source CMS (e.g. Joomla, WordPress or osCommerce), and check its modules and plugins.
- Verify any third-party customized codes.
- Limit access to passwords, site controls and file permissions.
- Select a reputable and highly qualified Web hosting service with excellent client support and a backup plan.
- Back up your website and update software. Backing up your website can help with a security investigation if you do get hacked.
- Contact your Web host and customers if your site gets attacked. Take fast action to repair vulnerabilities and weaknesses.