With the smartphone market literally exploding with users, it’s no wonder that Cyber criminals are trying to cash in on the action as well.
It has long been known that there are more inherant risks associated with online banking than by physically going to the bank. However, with cellular technology advancing, and people wanting more apps for their phones, banking institutions came up with mobile apps for their customer base.
Although this has offered more flexibility for the average consumer, it has also opened a sort of “pandora’s box” in terms of mobile-malware.
However, even with these conveniences at hand, many people are still hesitant to install these apps on their mobile devices, and for good reason. “According to Metaforic, 68% of smartphone owners who have not yet adopted these apps are holding back due to security fears, while only 12% believe that the effort of downloading and installing such apps doesn’t justify the convenience.” This coupled with the fact that both Android Malware is up 3,325% (that’s not a typo), and that 92% of the top iphone apps have been compromised makes for a pretty compelling argument against mobile banking.
In fact, Gartner Security has now reported the first publicly announced banking app losses, to the tune of $78M+. (stolen via automated back-end servers targeting people’s online accounts). The forseable trend is that this will continue to be the case as mobile apps gain in popularity and capabilities.
“As the convenience of smartphones fuels the surging popularity of mobile banking apps, it’s clear that the average user may not understand the risks involved, and is not taking the security steps needed to protect their mobile devices,” said Dan Stickel, CEO of Metaforic. “Unless mobile apps are immunized against unwanted modifications, both users and banks face potentially staggering financial risks. It’s just a matter of time until a major breach occurs.”
Travelling has become easier and easier to do. Simply choose your destination (hotel, car, airlines), and book it all online. You will then get an email(s) outlining your travel particulars.
However, it seems as though you don’t even have to be going anywhere in order to receive travel confirmation emails in your inbox. You guessed it. Email malware!
The latest attempt by malware peddlers is in the form of a KLM airline email ticket. It even goes as far as using a layout that is about 95% accurate to the original. However, there is critical information missing on the fake ticket that the malware developers have so thoughfully included in the email attachment. Yah, right! (KLM-e-Ticket.zip).
Antivirus developers had analyzed two binary files extracted from two different KLM attachments, and both of them grant remote shell access to the compromised machine via telnet to port 8000. It turns out that these binaries are not limited to the KLM email virus either, as they have also been used with spam campaigns impersonating Microsoft and Telstra as well.
“Although this scam does not specifically target KLM customers, those who have made recent ticket purchases as well as recipients who may fear that an unauthorized credit card purchase has been made could fall victim,” the researchers point out.
Always keep an vigilant eye on your email, and exercise caution. If you are unsure as to whether a purchase was made online, contact your financial institution.
It has been just over 10 years since the first smartphone was released, and technology continues to advance at breakneck speeds. With current smartphones’ ability to browse the internet, triangulate your position via GPS to mere meters, as well as perform a host of other functions, it was only a matter of time before malware developers jumped on the bandwagon as well.
Mobile malware – the next cash cow
Everyone has heard of someone being charged exorbant rates for text messages. This is called “Premium Text Billing” or “Toll Fraud”, and has become the most prevalent type of mobile malware within the past year.
Just one family of Toll Fraud malware, FakeInst, is estimated to have successfully stolen millions of dollars from people in Russia, the Middle East, and Europe.
Privacy among Mobile users is a growing concern
Mobile privacy concerns continue to climb as a result of aggressive advertising techniques, including pushing out-of-app ads and accessing personal info without the user consent. It is estimated the although 5% of applications utilize these aggressive advertising techniques, the apps that are known to contain these techniques have already been downloaded over 80 million times.
Geography and Human Behavior linked to malware risk
Not only does geographic location play a big role in Toll Fraud, but also Human Behavior. As it turns out, people in Russia, Ukriane and China have a significantly higher likelihood of encountering malware than anywhere else. Application downloading seems to also be another very important factor. The more likely the user is to download an app from an untrusted source, the higher the likelihood that their mobile device will become compromised.
The act of visiting unsafe links from mobile devices is one of the most common ways to get infected. Web based threats such as phishing are able to target PC and Mobile based users equally, making it extremely easy to replicate the threat on a different platform. It was also found that 4 out of 10 users have clicked on a unsafe link within the past year.
With mobile devices quickly becoming the main communication medium for many people, the percentage of malware specifically designed for those devices will continue to climb. It is paramount that users adhere to guidelines regarding safe downloading and browsing (such as that of computers). By putting these guidelines into practice, only then will the end user be able to adequately prevent malware from compromising their mobile device.
There’s been a lot of talk lately about Cloud Computing. What is it? How does it work? Is your computer safe while using it? Let’s address some of the questions – First, cloud computing is basically your computerized data (songs, e-books, mail, and other documents) available to you with internet connection, sharable, and ‘floating’ around numerous devices that you can use to access it. Believe it or not, cloud computing has been around longer than people realize, and if your careful, you can keep your data safe and prolong the useful lifespan of your system.
Protecting Important Files with Cloud Computing
Second and what many may not know, is that there are many applications that we use on a regular basis that are cloud based. For example, Google Docs., online gaming, even certain networking sites are on a cloud and you could have some very important data on any of them. This is data that could be very detrimental if it is lost or stolen, so a cloud provider must have sufficient security and data recover measures in place. Mechanical or natural disasters could easily destroy the information on your computer, but storing it off-site in the cloud will provide backup and safe storage you need.
It’s also important that you never share your log in information with anyone, even if they say they’re performing maintenance, or updates. Some of the security measures will depend on your own caution, and your provider will never ask you to provide sensitive information. Cloud technology is being used for more and more applications, and the proper usage can help you protect important information and extend the life of your computer.
Not Just Any Old Password
With that in mind, take your password to the next level. Make it super strong using a long mixture of letters and numbers. Create your own phrase with or without spaces and test out the security strength. It’s better to come up with an unbreakable password like ‘my2Yorkiesatemy09Sandwich’ which will hold much more weight in an instance of hacking next to a wimpy phrase like ‘ilovedogs.’
There’s also greater defense when using a two-step verification password as well. Not only do you need to know the password but the security question too. Many online banks use this, and also remind you to change it after a few months. Also, use different passwords for different jobs. This way, if someone gets at your information on a certain website, they won’t be able to use it to get at the things you have stored in the cloud.
Lastly, malicious viruses can pop up and in this case your cloud computing experiences will not be fun. Your computer running smoothly will assist so that your uploading and downloading processes won’t be compromised. And as mentioned before, you aren’t alone in this process either. The cloud service provider should be working on their end to ensure the viruses and malware don’t infect your information while it’s in the cloud (which means you have people watching the system 24/7 to protect your data), but you will still be responsible for the performance of your own computer.
David Malmborg works with Dell. When he isn’t working he enjoys hiking, spending time with family and researching new technology.