Mobile Cybersecurity – Risk Awareness for Charities

Government research found that one in five charities were affected by a breach of their data in the last twelve months, costing them on average £9470 (Cyber Security Breaches Survey 2019, UK Government)

Mobile cybersecurity may not be at the top of your charity’s agenda right now. Here’s why it should be. Cybercrime can often seem like an invisible threat but by taking a few simple steps you can help protect your organisation’s data and mobile phone hardware. This can stop an attack impacting your day-to-day operations and protect your beneficiaries’ personal information. The amount of client and financial data stored on mobiles make them a prime target for exploitation. In this blog we want to help you understand mobile malware and share how you can protect your organisation’s handsets quickly and easily.

Mobile Malware: What’s the risk?

Malware is short for malicious software and it is a common tool that criminals use to get inside mobile devices, take control of them or steal data. Any mobile device can be infected. The attackers exploit weaknesses in your phone’s operating system by finding new ways to gain access to your organisation’s devices or network. As more and more non-profit organisations choose to move towards digital mobile solutions, the amount of valuable data stored only grows. Taking preventative action is the best strategy to protect against malware – it’s more difficult to address once a handset has already been infected.

The Government’s report recognised that while real data loss and financial risk factors were important for charities to address, intangible assets such as loss of productivity, reliability of service, trust and reputational damage could impact their operations, stakeholders and supporters even more severely. Read on to discover how to identify an infected phone and what you can do about it.

How to Identify an Infected Phone

Mobile phones infected with malware are quite easy to detect – the symptoms look like desktop or laptop viruses. Any mobile device can fall victim – it doesn’t matter if your phone runs Android, Apple or Microsoft. Look out for messages you didn’t send, apps opening by themselves, suspicious links and your battery draining much more quickly than usual. In more rare occurrences, you may also notice unfamiliar charges on your phone bill or your device locking itself completely.

The most common type of attack charities reported was phishing. Phishing attacks look like regular emails or mobile apps, but they are compromised by criminals. They may even look like they come from a contact you know. One of the most common for exploitation is a Microsoft 365 mobile login which harvests the user’s login details to hijack their account – this is called Business Email Compromise (BEC).

Mobile messaging apps commonly used by non-profits can also be attacked, particularly WhatsApp where clicking on false links can steal your data. Another particularly prevalent type of attack is called ransomware where a device is completely locked from use until a ‘ransom’ is paid – this notoriously impacted the NHS and St Johns Ambulance, losing them valuable data, time and money.

Mobile Cybersecurity

Mobile Cybersecurity: 5 Simple Steps to Protect Your Mobiles

Following these five simple steps can help you protect your organisation’s fleet of mobile phones against malware attacks as recommended by The National Cyber Security Centre (NCSC). Make mobile cybersecurity a priority for your charity by following these simple steps:

1. Establish mobile data protection policy and champion awareness with all staff and volunteers – so they know how to identify and report suspicious activity

2. Make sure all your phones are up to date with the latest operating system update on Android, Apple or Microsoft

3. Install mobile antivirus software across your fleet – there are many free and cost-effective options for non-profits

4. Prevent users from downloading suspicious apps by blocking all downloads without administrator approval

5. Make sure all devices are password protected either by number, text or fingerprint locks and that passwords are regularly changed

Find out more about mobile cybersecurity for non-profits on the GoodCall blog or by subscribing to our mailing list. If you’d like to get in touch with us, submit an enquiry form, call us on the number below or find us across social media at @goodcall_mobile.  Contact the GoodCall team here.

 


Our Clients