35 Phone Hacking and Mobile Security Stats

The global mobile security market is expected to reach $14.82 billion by 2028 (Astra), emphasizing the growing priority of protecting mobile devices from cyber threats.

As users increasingly rely on phones for communication, banking, and data storage, security practices are crucial in combating rising threats like malware, phishing, and outdated software vulnerabilities.

This report presents a comprehensive overview of the most pressing trends in mobile security.

Top Mobile Security Statistics for 2024

The following statistics capture the core of mobile security challenges and user behavior:

• In 2024, 6.3% of smartphones had a malicious app installed.
• 70% of online fraud is accomplished through mobile platforms.
• 83% of phishing sites specifically targeted mobile devices.
• 31% of devices had out-of-date operating systems in Q3 2024.
• Iran has the highest mobile malware infection rate at 30%.
• Around 24,000 malicious mobile apps are blocked on a daily basis.

Sources: Certo, Norton, Zimperium, Lookout, Astra, Varonis

Phone Security Habits and Risks

Smartphones have become digital lifelines, yet user behavior often leaves them vulnerable. Weak passcodes, shared access, and poor security habits remain common. These trends expose users to identity theft, fraud, and data breaches.

• 59% of people know their partner’s phone passcode.
• 29% of couples share devices like phones or tablets.
• 78% of people use their smartphones for mobile banking, 85% for accessing email, 71% for managing social media, and 51% for digital wallets.
• 18.8% of devices lacked a security lock in Q3 2024.
• Only 13% of users aged 65+ use a screen lock and regularly update their phone’s apps and operating system, compared to 23% of younger users.
• 45% of people use the same PIN for their phone, apps, and bank accounts.
• There was a 680% increase in fraud transactions originating from mobile apps between 2015 and 2018.
• 70% of online fraud is accomplished through mobile platforms.
• Only 31% of people think that installing spyware on someone else’s phone is illegal.

Sources: Certo, Certo (2), Nuke, Lookout, Pew Research,  Norton

Mobile Threat Landscape

Mobile devices are at the center of cybercriminals’ strategies, with attackers deploying rogue apps, phishing scams, and malware. As new threats surface daily, enterprises and individuals must stay vigilant to counter increasingly sophisticated security breaches.

• In 2024, 6.3% of smartphones had a malicious app installed.
• The most detected spyware app in 2024 was mSpy.
• More than 300,000 Android users have downloaded banking trojans from the Google Play Store.
• Around 24,000 malicious mobile apps are blocked daily.
• One in four protected devices worldwide encountered malware in 2024.
• Iran has the highest mobile malware infection rate at 30.3%.
• Unique mobile malware samples increased by 13% in 2024 over the previous year.
• One in 36 mobile devices has a high-risk app installed on it.
• 82 rogue apps are identified daily, and one in five cyberattacks are linked to rogue apps.
• Sideloaded apps have a 200% higher chance of containing malware.
• 83% of phishing sites specifically target mobile devices.
• 10.9% of enterprise Android devices experienced at least one phishing attack per quarter in 2024.
• 19% of enterprise iOS devices experienced at least one phishing attack per quarter in 2024.
• The number of mobile devices connecting to unsecured networks increased by 45% in 2024.
• The number of mobile devices connecting to rogue access points doubled in 2024.

Sources: Certo, Varonis, Zimperium, Astra, Norton, Lookout

Device Vulnerabilities and Updates

A significant portion of mobile security risks stems from outdated software and poor update practices. Unpatched vulnerabilities and lack of encryption leave millions of devices open to attacks, highlighting the critical need for proactive device management and system updates.

• 44% of iPhones do not have automatic updates enabled.
• In Q4 2024, 17.23% of Android devices were running an OS version that no longer received security updates.
• In Q4 2024, 6.73% of iOS devices were running an OS version that no longer received security updates.
• 31.1% of devices had out-of-date operating systems in Q3 2024.
• 12.3% of Android devices had outdated security patch levels (ASPLs) in Q3 2024.
• 82% of Android devices are vulnerable to at least one of 25 known vulnerabilities in the Android OS.
• 35% of iOS vulnerabilities in H1 2024 were classified as high or critical.
• 4.5% of devices were unencrypted in Q3 2024.
• 2.4% of iOS devices run apps installed from outside the App Store.
• 80% of iOS versions in 2023 were actively exploited.
• 1.363% of iOS devices were jailbroken in 2023, representing 18.8 million potentially insecure devices.

Sources: Certo, Lookout, Astra, Zimperium

Final Thoughts

Mobile security is no longer just about protecting devices—it’s about securing the growing web of personal and financial activities that smartphones enable.

The rising sophistication of mobile threats, from rogue apps to phishing attacks, shows that cybercriminals see these devices as prime targets.
At the same time, user behavior, such as sharing passcodes and delaying updates, continues to create vulnerabilities.

Addressing these challenges demands not just better security tools, but also a cultural shift where users take a more active role in safeguarding their digital lives.