How your phone can infect your email

Most consultants agree that a large proportion of users open and read email on mobile devices.  Until recently, mobile devices have not been targets of malware attacks (while that’s changing, it’s a topic for another time) – but the preeminence of cloud-based email changes this whole attack vector – significantly.

Users accessing cloud-based email via a phone or tablet are in essence “logging-in” to their email service, even if that occurs through a specific mobile app.  Because malware hasn’t been a big issue for mobiles, there are few if any effective anti-malware programs for mobiles.  And in the case of email-borne malware, the mobile isn’t the attack surface anyway – it’s the delivery mechanism.

Here’s how it works.  A recipient uses a mobile to open an email and clicks on the attachment.  Note, they are opening mail in their cloud-based email system, not downloading it to their phone – they are viewing the email.   The malware, on the other hand, has been unleashed into the hosted email service, and if it’s ransomware, is going ahead and encrypting all the files it can locate that are associated with that user (including shared directories and the like, so the infection quickly grows).  The mobile viewer is oblivious to the damage they’ve just caused – until they get a ransom demand.

There is a way to stop this – comprehensive email security that is device independent.  Because the mail is all being hosted in the cloud, a cloud-based email security service like Barracuda Essentials will apply advanced threat detection to identify malware in attachments and link protect to identify malware in malicious links – and stop the attacks before they occur.   It will work just as well with a mobile device as it will with a desktop because it works directly with the email service, i.e. at the source.   And there’s nothing that needs to be installed on that mobile – the service is tied to the user, not the access method.