This is the question I’m often asked, and it ignites passionate debates among users loyal to their chosen platforms. But, from a cybersecurity perspective, it’s not about which platform is inherently safer but understanding that each has its unique vulnerabilities.
In many discussions and particularly in a recent chat I had with HostingAdvice.com, I emphasised the diplomatic answer – cyber-security terminology, we say that “the threat models of iOS and Android are different”. It is also constantly shifting as cyber criminals find new weapons of choice and vulnerabilities to exploit.
iOS users, for instance, are more vulnerable to phishing attacks – 63% of successful mobile phishing attacks have taken place on iOS. Whereas Android battles a larger volume of malware apps. You’re about 15x as likely to encounter malware on Android than iOS – a risk that might soon extend to iOS with the opening of its app ecosystem since the iOS 17.4 update.
I’ve watched as mobile devices become the primary targets for cybercriminals, shifting the cybersecurity battleground. The evolution of mobile threats has been remarkable, and gone are the days when cybercriminals predominantly targeted emails and desktops.
With mobile internet use skyrocketing by 75% since 2015, the methods and frequency of attacks on mobile platforms have intensified, affecting not only individual users but businesses. A striking example of this was the sophisticated social engineering attack on Twilio in 2022, leading to a significant breach.
Such incidents underscore the pressing need for robust mobile threat defence mechanisms, and at Traced, we’re committed to addressing these challenges head-on.
The Top 2 Threats: Phishing and Malicious Apps
At Traced, we’re pioneering the use of AI in Trustd MTD to differentiate between benign and malicious apps and websites, offering users comprehensive protection against the prevalence of phishing and malware apps.
These nuances between benign and malicious are particularly prevalent in SMS phishing links, where cybercriminals employ structural patterns and social engineering tactics. By mimicking the appearance of legitimate organisations’ links, they aim to deceive users into clicking through to malicious content.
To counteract this, we’ve trained our AI using a vast dataset of both phishing and legitimate links. This training enables the deep learning model used in the Traced app and Trustd MTD to effectively identify discrepancies that indicate a link’s reliability.
Our AI engine extends its scrutiny to applications, examining aspects like permissions and language to detect potential threats. For instance, a calculator app requesting camera access would raise a red flag, prompting us to classify the app as potentially malicious.
The need for continued vigilance
Reflecting on the interview and the broader conversation around mobile cybersecurity, it’s clear that the landscape is continuously shifting. As we anticipate changes like the introduction of app sideloading in iOS, the need for vigilance and innovative security mechanisms becomes even more critical.
At Traced, our vision is to empower users to navigate this landscape securely, blending advanced technology with a user-centred approach to cybersecurity. What sets Traced apart is not just our ability to rapidly identify threats through advanced technology but also our emphasis on privacy and ease of use.
We’ve tailored our solution to be as straightforward and non-invasive as possible, catering to everyday teams without compromising security. Our goal is to foster a world where our mobile devices can be used safely.
Meta description:
It’s not about which platform is inherently safer but understanding that each has its unique vulnerabilities.