Mobile threats are soaring and are getting even creepier.
In the U.S. mobile malware rates jumped 75 percent in 2014 from 2013, according to a report published Thursday by the mobile security firm Lookout. (The report, which was based on the firm's 60 million users, reflects the number of devices that were attacked, but not infected because they had installed anti-virus software protection.)
The surge in mobile threats primarily stemmed from a boom in a specific type of malware called "Ransomware."
Read More Top 5 cybersecurity risks for 2015
Mobile Ransomware is a type of malware that locks users out of their device until they pay a ransom, and is usually spread by downloading software masquerading as something else.
One notable type of Ransomware called ScarePackage poses as an Adobe Flash update or as a anti-virus app and when downloaded it locks the user out of their device.
While infecting people with Ransomware may be more complicated than using other types of malware, hackers are increasingly adopting this method of attacking mobile devices because the payout can be big, said Kevin Mahaffey, Lookout's co-founder and chief technology officer.
"It all goes back to monetization, what's the endgame? While it can be complicated it can generate a huge amount of money," Mahaffey said. "The bad guys aren't stupid and they wouldn't do this if they weren't making money."
Mahaffey said that cybercriminals will sometimes demand as much as several hundred dollars before unlocking the device.
The report notes that the majority of the targeted devices were Android. Apps for Android devices can be downloaded anywhere on the Internet and unlike Apple's App Store, which requires all apps to be approved, apps in Google's Play Store are not.
But Mahaffey said the primary reason Android phones are under attack more is simply because Android devices outnumber Apple devices.
"It's not that there is some magic thing about Apple, it's because there are just more Android devices so it makes sense they would target that broader base," he said.
Mahaffey also said that cybercriminals are gradually shifting to targeting more iOS devices as they gain a bigger market share.
The best thing consumers can do to protect themselves from getting some type of malware is to not download shady apps, Mahaffey said. Make sure you are downloading from a legitimate app store and if something looks fishy, it probably is.
Also, if an app asks for access to a lot of unnecessary data or for administrator access, do not download the app, he said.
It's also important to have strong passwords and to have mobile security software on your devices.