As we approach the nitty gritty of the digital age,
technology has grown and is still growing rapidly, likewise the activities of
cyber criminals in keeping up with the emerging trend. With invention of smartphones,
tablets, iPads, iPods and potentially many billions of Internet-connected
devices of all kinds, Internet security is now shifting from the desktop,
laptop and the data center to the home, the pocket, the purse, and, most
importantly, the infrastructure of the Internet itself. People now rely more on
mobile devices, thus, more spam, scams, and threats are tailored to these
devices.
Email has been the major attack vector for scammers, but
in keeping up with the emerging trend, they are now leveraging social media
platforms and mobile Apps to carry out their filthy activities. This is very
lucrative for these scammers as users of social media platforms are more likely
to click and share something posted by a friend thus spreading it rapidly. Many
people have this mindset that cyber threat occurs only in desktop and laptop
computers, ignorantly neglecting the basic security precautions on their mobile
Apps and smartphones. In study conducted by Symantec in 2014, it was observed
that 70% of social media scams were manually shared. The study also found out
that 17% and 36% of all Android Apps and mobile Apps were actually malware and
grayware(a non malicious software design to track users location and behavior)
in disguise. This is unconnected with the high level of internet security
ignorance among users of social media. In a Norton survey, it was reported that
users did not know what they agreed to give access to on their phone when
downloading an application; and 68% are willing to give up their privacy for
nothing more than a free App.
MOBILE MALWARE
Mobile malware is malicious software targeted at mobile
devices. It is on the increase yet mobile users don’t recognize this fact. The
growth of mobile malware is now on the increase targeted at user’s money. Cyber
criminals now write mobile malware to capture bank details of users, capable of
intercepting text messages with authentication codes from the user’s bank and
use it for fraudulent act. They also create similar mobile App of the bank and
use it to trick the user into giving up his/her account details.
Most App users think they understand what they are
agreeing to when downloading apps, not knowing they have little understanding
of App permission practices and mode of operation. Not only can mobile Apps
have access to user’s sensitive information, but the phones can also be used to
invade the privacy of the user. The App collects and sends sensitive data
including physical location of the users to the App developers. It is highly
advisable to read and understand the terms of use of the App and also the
privacy policy before agreeing to download the App. Most users are aware of
these threats, yet are still willing to allow Apps access to their personal
information.
SMS THREAT TO MOBILE DEVICES
SMS(Short Message Service) and other mobile messaging are
readily used as a means to deliver all kinds of fraudulent campaigns.
Apparently, it is one of the most dangerous threats as its vector of attack.
SMS has been an infection and propagation vector for many
viruses like Trojans, worms, etc through malicious apps to infect victims
especially the contact list. These short messages look real but may include
links to malicious websites/apps. For examples, messages like “Hi buddy, check
out this amazing free music download http://scammers.gov.net.org” or Get a free money making ebook here http://scammers.gov.net.org.
Dating Apps and social media sites are the main medium
scammers are using to lure unsuspecting victim. They initially target mobile
dating apps users and later moved to SMS. The way and manner these scammers
carry out their nefarious activities has no far difference on how it has been
running on email, but with the new mobile platform, it has become easier for
them when using a relatively trusted medium.
Every Dick and harry should be attentive to each
communication on social media and other platform and be aware that cyber
criminals are constantly devising and improving their fraudulent activities.
No comments:
Post a Comment