RiskIQ survey reveals that U.S. mobile app users face heightened security risks



A new nationwide survey commissioned by RiskIQ of 1,000 people across the country revealed Thursday that over one third (36 percent) of respondents do not consider an app’s details while nearly half (47 percent) never or only occasionally review the privacy policy and permissions requested by the app before downloading. Poor security awareness and an insatiable demand for mobile apps are placing U.S. consumers’ identities and devices at risk.

Such a carefree approach to mobile apps is leaving U.S. consumers vulnerable to cyber criminals seeking to infect the mobile devices and steal information from unsuspecting victims.

In 2015, 45 percent of all transactions originated from the mobile channel while 61 percent of fraud attempts were made from a mobile device. Despite the prevalence of malvertising as an attack vector, RiskIQ’s survey found that 66 percent of respondents have clicked on an advertisement promoting a mobile app, movie or game. This is followed by nearly two-thirds (60 percent) who have clicked on a link in an email, website or social media feed to download an app, movie or game.

Consumers’ propensity to click through without thoroughly inspecting details such as the developer, last version update and any reviews, increases their risk of downloading counterfeit or malicious apps. Alarmingly, on more than one occasion, over one quarter (28 percent) have mistakenly installed an app in the belief that it originated from a trusted source, later to find out this was not the case.

Generational and gender differences in mobile app and security behaviors are also apparent.

Millennials are guilty of clicking before thinking, 37 percent have mistakenly installed an app they believed was from a trusted brand. In comparison, only 11 percent of seniors (60+) done so, while 29 percent of millennials and Gen Xers have jailbroken their phones, citing the freedom to download and install what they want as the biggest factor (68 percent). Almost none of the seniors had done so, while 7 percent of baby boomers have.

Four out of five millennials (81 percent) have clicked on an ad on their mobile promoting a mobile app, movie or game compared to 76 percent of Gen Xers, 54 percent of baby boomers and 32 percent of seniors. Over half of millennials and Gen Xers considered security when buying a new phone (56 percent) compared to 44 percent of baby boomers and 38 percent of seniors.

“Not a day goes by without the news of yet another cyber attack or the emergence of a new threat vector,” said Scott Gordon, chief marketing officer at RiskIQ. “Unlike businesses that have become increasingly cyber security savvy, many consumers remain vulnerable in an ever sophisticated threat landscape. With the volume of personal information being requested and shared through mobile applications, it is time for consumers to improve their online behavior and step up security awareness.”

A sixth of women (16 percent) never read a mobile app’s data and privacy policy or reviewed permissions requested compared to 9 percent of men. Women are less likely to install additional security software on their mobile phones (46 percent) compared to more than half of male respondents (62 percent). Women (41 percent) are less likely to consider security features when buying a new phone versus 64 percent of men.

“The vastness of the app store ecosystem provides the perfect place for malicious actors to hide, luring consumers into believing their apps are official or their brand affiliation is legitimate. With 4.6 percent of all apps in RiskIQ’s database blacklisted, consumers need to be educated about safe app and security behavior and put these measures into practice. Otherwise, there is a real risk of them falling victim to cybercrime,” said Gordon.

 

Leave a Reply

WWPI – Covering the best in IT since 1980