Is your phone now at risk?
ullstein bild via Getty Images
Take this seriously. You must now check if your Android phone is at risk from “banking trojans and spyware, backdoors and data stealers.” There’s a good chance it is. More than 30% of all Androids do not have Google’s critical new updates.
The warning comes from Zimperium, which reports that threats now “bypass simple signature-based defenses by using advanced evasion and dynamic payload delivery.” It says this mandates “timely patching to reduce exposure to mobile malware.”
ForbesSamsung Leak Details ‘Surprising’ Galaxy S26 UpgradeBy Zak Doffman
But Zimperium more than any other security firm has highlighted the growing threat from smartphones that have fallen off support. And while staying safe by “cautious app sourcing, minimized permissions (and) continuous behavior-based monitoring” is critical, nothing is as critical as ensuring a phone’s OS is updated.
Zimperium says that “at any given point in the year, over 50% of mobile devices are running outdated OS versions, and a significant number are compromised or infected.” That number divides between phones that can update but haven’t, and those that no longer have access to fixes. That latter category is now some 33% of Android phones.
Last month was “Dangerous December,” with Google and Apple both warning of attacks against their smartphones and releasing emergency updates. None of the phones now out of support have those fixes. All those phones are now at risk.
While a much lower percentage of iPhones than Androids are usually missing updates, that has changed in recent weeks. Apple’s decision to mandate any device newer than iPhone 11 to upgrade to iOS 26 to receive new security fixes has exposed hundreds of millions of devices. That’s business as usual for Android.
ForbesGoogle Confirms New Upgrade—Gmail Users Must Decide CarefullyBy Zak Doffman
If your phone is no longer receiving manufacturer security updates — ideally monthly, then you really do need to upgrade. If your phone is under support but you haven’t checked and updated recently, then do that now. It’s not worth the risk.
If you cannot get the latest updates, then you also need to reboot weekly — at least. This will kill any spyware or malware running on your phone, albeit that could well restart when your phone restarts. That’s why security fixes are so critical.