“Ignorance and a lack of general awareness by the user are usually the most important factors leading to vulnerabilities,” Krehel noted. “It is important to understand the risks involved with smartphone usage, the potential impact of such vulnerabilities and the security measures required in curbing security risks.”

A 2014 research team from the University of California Riverside and University of Michigan demonstrated their hack of an Android phone and reported their method was successful between 82% and 92% of the time on six of the seven popular apps they tested.

2. Smartphones provide access to sensitive information

As Krehel pointed out, senior management and high-ranking officials in critical financial institution infrastructures are highly likely to have access to sensitive information, data and documents though their smartphones and may even use their phones as storage devices for important information.

Any breach or smartphone hack targeting these users is bound to result in significant consequences.

With such high stakes, organizations and corporations should have clear security policies in place. Detailed risk assessments specific to the organization can usually determine the best network and security guidelines.

In general, the use of smartphones should be restricted in work environments that require high-level security clearances.

3. Smartphone hacking techniques run the gamut

Types of smartphone vulnerabilities, and their consequences, are listed below:

• Malware intrusion. Keylogging programs, phishing scams and other malware specifically designed to collect credit card data, or email and banking credentials, lead to devastating consequences.
• Loss or theft. Unless it's encrypted, stored information on a lost or stolen device is accessible to unauthorized users.
• Unintentional disclosure. Falling prey to phishing attacks, for example, can lead the user to disclose information involuntarily.
• Spyware infestation. Smartphones infected with spyware run the risk of giving malicious hackers remote access.
• Surveillance attack. By hijacking a smartphone hardware feature such as its camera, microphone or built-in GPS, the device becomes a spying tool.
• Network spoofing. A rogue global system for mobile communication access point or Wi-Fi connection allows attackers to intercept and collect information and data.
• Diallerware attack. This malicious application engages the smartphone in phone calls and text messages at premium rates.

4. User education is critical

“Cybersecurity experts and researchers will always insist upon the fundamental belief that there is no such thing as 100% security,” Krehel suggested. “However, security practices and measures can be embraced and followed by smartphone users to enhance the phone's security and lower vulnerabilities.”

User education measures should include: Never leaving financial institution-connected phones unattended, setting a password or PIN lock for the home screen, configuring an auto-lock, using the SIM lock, using trusted applications, maintaining update cycles, embracing encryption and employing anti-malware.

Users should also ensure mobile security applications come from trusted sources and keep anti-malware software updated to combat the newest threats.

5. Good judgement goes a long way

Security researchers always recommend using caution when connecting to an open Wi-Fi network. Connecting to protected and secure networks from trusted carriers also counts as a good security habit.

“Being proactive when looking at links or attachments sent via email, including those from trusted sources, helps users avoid spear phishing campaigns, scams, loss of privacy and identity theft,” Krehel said.

In addition, when switching to a new smartphone, it's important to securely dispose of or recycle your old smartphone, Krehel said.