Zero-Click Attack

What is a Zero-Click Attack?

A Zero-Click Attack involves a bad actor gaining access to a device without a victim clicking on anything. In other words, the victim need not open a malicious attachment or go to a suspect web page to suffer this attack. Hackers can simply slip their malware onto a phone, tablet, or computer undetected.

How to Recognize This Threat: Experts say victims of a zero-click attack likely won’t be able to recognize it. The most well-known example involves spyware installed on targeted phones. Bad actors use this spyware to eavesdrop on all an individual’s correspondence, without the victim’s knowledge.

How to Prevent This Threat: The only recourse an individual has in stopping this attack type is to ensure their devices are patched, as their actions don’t cause infection. As in the attack noted above, unpatched vulnerabilities are the most likely way for a zero-click attack to get through. But strong, layered security with a firewall and endpoint protection will help network devices as well.