India Tops Mobile Malware Target: Crisis Demands Digital Literacy Apart from using modern devices, information literacy and privacy and security awareness are also key components of digital literacy
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
Digital literacy includes several components, and using digital devices (mobile phones, computers, and tablets) is one of them. In India, from Tier-I to Tier-IV cities, most people have access to mobile devices, even if they lack computers or tablets. According to the latest data from the Telecom Regulatory Authority of India (TRAI), India's telecom subscriber base crossed the 1.2 billion mark in April 2024. Wireless subscribers continue to dominate the total subscriber base, reaching 1,165.49 million during the reported period.
Apart from using modern devices, information literacy and privacy and security awareness are also key components of digital literacy.
Unfortunately, India lacks significantly in these two areas. As a result, issues like misinformation, fake news, and human errors, such as clicking on phishing links, sharing one-time passwords (OTPs), and getting scammed by fake banking websites, are rampant.
A recent report by Zscaler ThreatLabz, 2024 Mobile, IoT, and OT Threats, has raised alarms about the same concern. India has become the top global target for mobile malware attacks, accounting for 28 per cent of the total, surpassing the United States (27.3 per cent) and Canada (15.9 per cent) between June 2023 and May 2024. In 2023, India was ranked third globally. Additionally, according to the Delhi Police, online scammers had stolen a staggering INR 452 crore from Delhi residents' accounts by June 2024. The national figure would be exponentially higher if data from all Indian states were analyzed.
The findings also revealed troubling trends in the Asia-Pacific (APAC) region, where India represented 66.5 per cent of mobile malware targets. This is accompanied by increasingly sophisticated phishing campaigns targeting users of leading private Indian banks. Scam callers often pose as bank representatives to solicit OTPs, and fake banking websites closely resembling legitimate ones are used to trick mobile users into sharing sensitive banking credentials. As per report, 45 per cent year-over-year increase has been noticed in IoT malware transactions
On a positive note, India has shown some success in mitigating outbound threats, ranking seventh in the APAC region as a malware origin point—an improvement from fifth place last year. Singapore, China, and South Korea currently lead in this regard.
Suvabrata Sinha, CISO-in-Residence, India at Zscaler, explained that legacy systems (outdated software, hardware, or technology solutions) and unprotected IoT or Operational Technology (OT) environments are becoming prime targets for cybercriminals. "We see a significant rise in hacking campaigns targeted at these environments. It is necessary for Indian enterprises to adopt a robust Zero Trust security framework to secure their core operational environments. This will not only protect critical systems but also ensure business continuity in an increasingly connected world," he stated.
Deepen Desai, Chief Security Officer at Zscaler, further added, "Cybercriminals are increasingly targeting legacy exposed assets, which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks. Mobile malware and AI-driven vishing attacks add to that list, making it critical for CISOs and CIOs to prioritize an AI-powered Zero Trust solution to shut down attack vectors of all kinds and safeguard against these threats."
