Posted 11:28 pm Sunday, January 27, 2013
Send to Kindle
Protecting smartphones can reduce malware risk
By MECHELE AGBAYANI MILLS
Tyler Better Business Bureau
Various malware is increasingly attacking Android operating systems for mobile devices. Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
Tyler Better Business Bureau
Various malware is increasingly attacking Android operating systems for mobile devices. Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
BBB advises consumers to use caution when opening emails and downloading apps onto their smartphones.
Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims.
One version is a work-at-home opportunity that promises a profitable payday just for sending out email.
A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device.
The malicious application steals contact details from the user’s address book and the infected device’s phone number.
FinFisher is a spyware capable of taking over the components of a mobile device.
When installed, the mobile device can be remotely controlled and monitored no matter where the target is located.
FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
BBB provides tips to protect your mobile device:
One version is a work-at-home opportunity that promises a profitable payday just for sending out email.
A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device.
The malicious application steals contact details from the user’s address book and the infected device’s phone number.
FinFisher is a spyware capable of taking over the components of a mobile device.
When installed, the mobile device can be remotely controlled and monitored no matter where the target is located.
FinFisher can be easily transmitted to a smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
BBB provides tips to protect your mobile device:
- When purchasing a smartphone, know the features of the device, including the default settings. Turn off unused features of the device to minimize the attack surface of the device.
- Before downloading and/or purchasing a mobile app, look at the reviews of the developer/com pany.
- Review and understand the permissions you are giving when you download applications.
- Passcode protect your mobile device and enable the screen lock feature. This is the first layer of physical security to protect the contents of the device.
- Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
- Be aware of applications that enable Geo-location. This application can be used for marketing, but can be used by malicious actors, raising concerns of assisting a possible stalker and/or burglaries.
- Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used.
However, anytime a user, application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
- Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
- If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
- Perform regular updates to your smartphone. This decreases risk of the device being hacked or compromised.
- Avoid clicking on or downloading software or links from unknown sources.
