Most viruses are .exe files which phones don’t use because the Android/iOS uses different types files. Most phones will not be able to “side load” a malicious app, but only install apps through trusted sources like the Google Play store. The default settings is to not install apps from untrusted sources.

And also, you can use the Android OS on a PC to do basic browsing in a secure environment. It would be something like Android-X86 through virtualization such as Bluestacks, WSL, or VirtualBox. there are a few Android-based operating systems you can run virtualized. I do not know about iOS because it’s only designed to run on apple hardware.

The closest you can get to a locked down system like Android is to install an Android-based OS bare metal without virtualization directly on the hard drive. It is possible but requires a lot of knowledge.

The premise of this question is incorrect. Phones can get viruses/malware from web sites, and even from text messages. Computers can have a locked down per-app privilege system where one misbehaving application can’t access the entire computer.

For the latter, it’s just that many users don’t want to run applications like that, because it also leads to quite a few restrictions that many users don’t want to deal with.

There’s a few things to unpack. It’s anecdotal, but I’ve seen tons of other people say they haven’t got a virus on PC in 10 years. Windows Defender is excellent these days, and unless you go out of your way to get a virus, like clicking the “wrong download link” its way more secure than it used to be.

So we’ll reframe the question of why were phones more secure 10 years ago? Most virus developers were/are very well verse in x86, the very basic framework upon which practically desktop CPUs are built on, and they have been built on for nearly 50 years now.

Smartphones use other CPU manufacturers that don’t run x86, they run ARM and now Apple has been rolling out Apple Silicon on phones and their PCs. Viruses built for x86, which is most of them since it’s been around for 50 years, won’t run on these CPUs.

Why haven’t PCs switched then? Compatibility. Viruses for x86 won’t run on ARM sure, but neither will any program built for x86. Which again, also like viruses, is most programs. Only very recently is Windows on ARM becoming a thing, but anything that runs on x86 has to be run on an emulator which dramatically reduces performance. Right now it’s about 50/50 if a program will even run on said emulator.

Also at least for iOS/iPhones the apps are sandboxed starting off with no 3rd party or config needed. Apps in iOS only have access to data/files in their folders and compartimentalized

Phones can absolutely get viruses (or otherwise get hacked) by visiting malicious websites, or opening malicious messages/emails, etc. It has happened in the past multiple times (just [one example](https://www.pcmag.com/news/apple-hackers-might-be-exploiting-this-webkit-flaw-to-attack-iphones)). This is why it’s incredibly important to **install updates update your devices**, including phones, laptops, etc! Updates do include security fixes that prevent those attacks.

That said, attacking phones tends to be harder than PCs because phones are more locked down. For example, most phones restrict you from installing apps from official stores, where they are vetted in various ways. They also implement tighter “sandboxes” that restrict what malicious actors can do. However, harder definitely doesn’t mean impossible.

Different operating systems mostly, All OSs have viruses / exploits, but some are better protected then others. Some are more common, etc… Virus hackers are usually doing it for a purpose (extort money, steal data, create bot-nets, etc) they will target the easiest ways to meet those goals.

Windows is by far the most common and easiest OS to hack (various reasons) Linux and Unix in general is more granular, users (at least on important systems) generally do not have the permissions needed to do things they are not allowed, Phones are generally based on Unix (I believe Iphone’s are based on BSD Unix and Android is based on Linux) There are other variations including some from scratch OSs but they are not all that common.

So Windows is historically more the more common platform as well as being easier to hack due to its legacy and decisions that MS made. hence is the low hanging fruit. Not to say there are not some nasty hacks on other OSs but by far it is windows that is the most insecure.

Attacks where the end device has to do nothing but be on exist for all of them, iOS, Windows, Linux, etc ALL OF THEM.

Think about it like this. The virus is doing the equivalent of getting a person who watched house a couple times to perform brain and heart surgery at once by giving them phone instructions.

However the virus is from the Scottish Highlands, and the number they call can be picked up by someone from China, Istanbul, the Ozarks etc.

So assume basic things (drawing a website, playing a sound) are like HELLO, THANK YOU, GOOD BYE.

Even if it’s not perfect, literally everyone on earth understands those words.

Unless the virus finds a user or computer from that same village in Scotland (operating system version, patch level, installed software) it’s not going to work at all, or be ineffective. (Which has happened a lot, where badly coded viruses failed)

Usually large scale break ins involve some kinda of reconnaissance ( what kind of computers, what models, what operating systems etc) so that the virus can be trained up on the “languages”, needed to get them to work properly

Things you get when you visit websites tend to be targeted to the largest install base the attacker wants. So you aren’t really going to find a whole bunch of exploits for different kinds of computers on a hacked page because the juice isn’t worth the squeeze.

Mobile stuff tends to be more information gathering (don’t let the person know you’re there)

Computer stuff is usually, steal and leave, or destroy and extort.

Etc etc

In simple words, mobile systems are based on computer operating systems which for decades were marginally popular. Viruses were all this time aiming at most popular operating systems, which all the time was one or another Windows from Microsoft, which luckily for them had a lot of vulnerabilities to exploit. Meanwhile these other systems, already based on better solutions and less vulnerable, were developed and improved in a virus-aware manner, to be almost airtight against viruses.

So when the popularity focus moved from PC to mobile devices, it was much better prepared.

You can, they’re just not as common.

Phones have more locked down program permissions, and apps come from restricted sources. That covers the very vast majority of casual security risks most people will encounter.

But there are *absolutely* means to infect a mobile device with a virus, they just take more effort on the part of the attacker.

One part not being talked about much is the concept of an immutable operating system. There’s some experiments with desktop and server immutable operating systems and Ubuntu touch is a mobile version of Ubuntu with this concept.