Do XSS Attacks Work On Mobile Phones?

Some people seem to think that just because they are on a mobile phone that the rules of computer security do not apply to them anymore. Nothing can be further from the truth. Sure, it might be a little bit true if you are on a phone that doesn’t have all of the capabilities of a modern day smart phone but if you are on one then you need to be worried about the security of that phone as well. While an attack that may work on a computer will need a few changes to be able to work on a smart phone, rest assured that it can be done and it is something that you have to worry about.

do XSS attacks work on mobile phones?

How does an XSS attack affect your phone?

Let’s take for an example an XSS attack. An XSS attack is a cross site scripting attack. It means that an attacker is able to inject code into your web page that is going to infect the end user. Usually this attack is done by finding a form and placing JavaScript code inside of it. The code then calls out to the host server and puts something nasty on the end users computer.

The same thing is possible with your smart phone as well. While your average smart phone has an ARM based processor, attackers are getting used to the new architecture and are creating hacks for it just like they did on the x86 based computers.

A big experience in using a smart phone is using the browser. One of the biggest appeals about using the latest smart phones is that you not only have apps but you have a serious browser that you can take with you on the go as well. And this is how the XSS attacks are spread, through your browser. If you are not careful, if your phone becomes infected, it can dig through the personal information that you have on the phone and send it out.

When you are talking about browsing the web on your mobile phone just make sure that you follow the same rules as you do on your computer at home.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind