“Avoid clicking on ads on your mobile device.” That’s the ”best practice” suggested by Blue Coat, an online security company, in its latest report on mobile malware (registration required), or malicious software. The report found that thing most often leading mobile users down the path to malware has ceased to be pornography and is now advertising.
Here’s how it works: Attackers use legitimate ad networks to place ads telling a mobile user he has a virus on his phone. Clicking on the “OK” on the ad pops up a fake system warning prompting the user to remove the virus. He is then directed to download an “anti-virus app“—in the process getting him to change his settings to allow third-party downloads along the way—which is actually designed to steal personal information or install dodgy software. Blue Coat found that malicious ads accounted for one-fifth of all attacks on smartphones in Feb. 2014, up 400% since Nov. 2012. Porn, by contrast, fell to 16% of all attacks.
Still, mobile remains a far safer environment than Windows PCs. Attacks from mobile ads rely on a user’s gullibility and willingness to go along with the prompts. Part of the reason smartphones haven’t been subject to the kind of passive infections common on PCs—where just visiting the wrong website can give hackers an entry point, even if the user doesn’t download anything—is because the tools to do so aren’t easily or widely available. Criminals trying to infect smartphones must put some effort into it.
In comparative terms, therefore, attacks through ads on mobile are fairly infrequent. They are a fifth of all attacks, where ads take up a tenth of all mobile traffic. By contrast, porn accounts for just 1% of mobile traffic but is the source of about 16% of all attacks, because people can more easily be fooled into clicking malicious links. (An example of the sort of tricks employed by peddlers of porn can be found here.) Smartphone users would do well to pay more attention to Blue Coat’s other recommendation: “Avoid pornography on your mobile devices.”