1. List the damages which happen while the mobile phone been attacked.
1.1. Data Leakage
1.1.1. Mobile apps are often the cause of unintentional data leakage. For example, “riskware” apps pose a real problem for mobile users who grant them broad permissions
1.2. Unsecured Wi-Fi
1.2.1. No one wants to burn through their cellular data when wireless hot spots are available—but free Wi-Fi networks are usually unsecured
1.3. Madware and spyware
1.3.1. To collect your data for the purpose of better targeting you with ads. On top of that, madware often comes attached at the hip with spyware. Spyware collects data about you based on your internet usage and transmits it to a third party. That data is then bought and used by companies to send you advertisements.
1.4. Viruses and Trojans
1.4.1. Viruses and Trojans can also attack your mobile devices. They typically come attached to what appear to be legitimate programs. They can then hijack your mobile device and mine the information it holds or has access to, such as your banking information. Viruses and Trojans have also been known to send premium text messages that can be costly
1.5. Drive-by downloads
1.5.1. Drive-by downloads refer to any malware installed on your device without consent. If you visit the wrong website or open the wrong email, you might be exposed to a drive-by download that automatically installs a malicious file on your mobile device. The file could be anything from adware, malware or spyware to something far more nefarious, like a bot, which can use your phone to perform malicious tasks.
1.6. Browser exploits
1.6.1. Browser exploits take advantage of known security flaws in your mobile browser. Browser exploits also work against other applications that function with your browser, such as PDF readers. If you see that your mobile browser’s homepage or search page has unexpectedly changed, it could be a sign that you’re a victim of a browser exploit.
2. methods or techniques used to hack a smartphone
2.1. Social engineering
2.1.1. The easiest way for any hacker to break into any device is for the user to open the door themselves. Making that happen is easier said than done, of course, but it's the goal of most forms of social engineering attacks. application code running in a sandboxed mode that prevents it from escalating privileges and taking over the device.
2.2. Malvertising
2.2.1. One particularly important vector for these kinds of deceptive dialog boxes are so-called "malvertisements," which piggyback onto the infrastructure developed for the mobile advertising ecosystem, whether in a browser or within an app.The goal is to get you to click on the advertisement," says Chuck Everette, Director of Cybersecurity Advocacy at Deep Instinct. "They are trying to lure you in with something that will get you to click before you think—a knee-jerk reaction, or something that looks like an alert or warning." The aim, he says, is to "try and scare you or tempt you into clicking on the link.
2.3. Smishing
2.3.1. all-important tappable link in front of their victims is SMS text messaging, with a whole different set of social engineering tricks in play; the practice is known as SMS phishing or smishing, and it snags the gullible and the high-powered alike.hackers using zero-day exploits of mobile browsers can push a malicious file onto a phone without user consent as long as they click the link.
2.4. Malware
2.4.1. seek out someone who's already done so deliberately by jailbreaking their phone. Jailbreaking is seen by many as allowing users to better customize their device and install the apps of their choice from unofficial sources, but by its nature it relaxes the strict security sandboxing that keeps smartphones locked down.Hackers create applications that users would have a genuine interest in, such as a free VPN, with the intention of downloading malware onto unsuspecting users’ devices," says David Schoenberger, founder and Chief Innovation Officer of Eclypses.
2.5. Pretexting
2.5.1. an attacker can go over their head to their mobile provider. You might remember the mid '00s British media scandal in which tabloids used what they called "blagging" techniques to access the mobile voicemail boxes of celebrities and crime victims. This process, also known as pretexting, involves an attacker piecing together enough personal information about their victim to plausibly impersonate them in communications with their phone provider and thus getting access to the victim's account.
2.6. Breaking in via Bluetooth
2.6.1. There are a pair of wireless attack vectors that hackers can use to breach phones without tricking anyone into giving up permissions. Both require physical proximity to the target but can sometimes be pulled off in public spaces. "The Bluetooth connection is one of the weak spots for a smartphone, and hackers often use special methods to connect to devices that operate on Bluetooth and hack them,"