The 2025 Global Mobile Threat Report: Implications for Law Enforcement and Public Safety

Introduction

Over the past decade, smartphones have evolved from simple communication devices into critical digital identities. They now serve as multifunctional tools that facilitate communication, authenticate user identities, manage financial transactions, and access both enterprise and government systems. As mobile technology has transformed, so too have the strategies employed by cybercriminals. The 2025 Global Mobile Threat Report underscores this trend by identifying mobile devices as the primary target in today’s cyber landscape. This analysis, prepared by the Centre for Police Technology (CPT), explores the implications of these findings through the lens of law enforcement and public safety, emphasizing the need for a strategic focus on mobile security.

Rise of Mishing and Social Engineering Attacks

One standout finding of the report is the alarming rise of mishing, a form of mobile-targeted phishing that has now become responsible for nearly one-third of all mobile threats. Within this category, smishing (SMS phishing) leads the charge, accounting for over two-thirds of documented attacks. The inherent trust that users place in SMS communication makes it a potent avenue for deception.

The report notes a 28% increase in vishing (voice phishing) and a 22% surge in smishing. These trends are closely linked to the increasing use of generative AI by cybercriminals. A particularly troubling development is the emergence of PDF-based phishing attacks delivered via SMS, which can evade traditional security measures and exploit user familiarity with mobile document sharing. From a CPT research perspective, such developments significantly heighten the risk of mass-scale fraud and targeted attacks, especially against government officials and operators in critical infrastructure sectors.

Device Vulnerabilities and the Legacy Hardware Problem

The report also reveals troubling structural weaknesses within the global mobile ecosystem. Approximately 25% of devices currently in use cannot upgrade their operating systems due to hardware limitations. These outdated devices remain perpetually exposed to known vulnerabilities, making them particularly attractive targets for cybercriminals.

Additionally, it was found that 23.5% of enterprise-connected devices had sideloaded applications—apps installed from sources outside official app stores. These sideloaded applications often bypass vetting processes and may contain malicious code. CPT’s research suggests that such apps frequently function as covert surveillance tools or banking malware, especially within investigations into fraud and organized cybercrime.

Application-Level and Data Sovereignty Risks

Another critical aspect of mobile threats is the risk associated with work-related applications and their data flows. The report indicates that 23% of mobile apps employed for professional use communicate with servers located in high-risk or embargoed countries. This raises substantial regulatory and public safety concerns, including:

• Data Sovereignty Violations: Questions arise about whose laws apply to data stored or processed in these jurisdictions.
• Unauthorized Cross-Border Data Transfers: Sensitive information could be exposed in ways that violate regulation.
• Exposure of Sensitive Information: Government and corporate data may be inadequately protected.

These risks often remain unnoticed by users and even IT administrators, highlighting the urgent necessity for continuous app vetting and runtime monitoring.

AI Integration: The New Invisible Risk

The report highlights a staggering 160% increase in AI service usage within mobile applications installed on enterprise devices. While AI can enhance functionality and productivity, it introduces complexities in data processing that may not be evident. CPT’s analysis reveals that many AI-driven applications fail to transparently disclose how and where sensitive data is processed, stored, or transmitted.

This opacity presents new challenges for law enforcement tasked with tracing data leakage, surveillance misuse, and navigating cross-jurisdictional cyber incidents. The increasing reliance on AI also elevates the stakes, as investigators must grapple with an ever-evolving technological landscape.

Researcher’s Observation (CPT)

A poignant observation from the CPT study encapsulates the findings: “Mobile devices today represent the convergence of identity, finance, communication, and access control. A single compromised smartphone can provide attackers with persistent access to personal, corporate, and government ecosystems. The findings of this report confirm that mobile security failures now translate directly into cybercrime, fraud, and national security risks.”

This underscores the intertwined nature of personal security and public safety in the modern digital landscape.

Recommendations and Way Forward

Drawing upon the report’s findings and CPT’s independent analysis, several recommendations emerge:

1. AI-Enabled Mobile Threat Protection: Prioritize tools designed to counter sophisticated mishing attacks.
2. Strict Decommissioning Policies: Remove non-upgradeable devices from sensitive environments to minimize risk.
3. Continuous Application Vetting: Implement ongoing monitoring for all apps, particularly third-party and AI-enabled software.
4. Mandatory Device Attestation: Establish processes to detect compromised or rooted devices in real time.
5. Targeted Awareness Programs: Focus education and training efforts on government officials, police personnel, and enterprise users.

For agencies and organizations looking to implement these controls, live demonstrations of mobile protection solutions are available through CPT’s resources.

The data and insights presented in the report emphasize that mobile security is no longer merely a technical consideration; it is now a critical frontline issue in combating cybercrime, enhancing digital policing efforts, and fostering national cyber resilience. As mobile devices become the preferred entry point for cyberattacks, a coordinated response across technology, policy, and human behavior is essential.

For additional research collaboration, advisory support, or implementation guidance on mobile threat protection, contact the Centre for Police Technology at contact@centreforpolicetechnogy.org.