Mobile Phone Security: All You Need to Know

mobile-phone-security.jpg

How secure is your mobile device? It's easy to forget that your mobile phone is essentially a pocket-sized computer and that, just as with any device that can connect to the Internet, mobile phones are at risk of a cyberattack.

Mobile malware has been increasing at an alarming rate. There was a 27 percent increase in new mobile malware in the last quarter of 2017, according to McAfee.

Types of Mobile Malware

The types of mobile malware users may be exposed to are many and varying. Following are some examples:

  • Mobile spyware: This form of malicious software can infiltrate seemingly benign programs and secretly monitor your activity, record your location, and steal sensitive passwords. You may even have inadvertently granted an app access to harvest this information when you downloaded it.

  • Rooting malware: A particularly unsavory form of malware, these bugs gain root access to a compromised device in order to provide hackers with administrative privileges and access to users' files. Some rooting malware, such as Ztorg, are able to embed themselves into the system folders, so that even a factory reset won't be able to remove them.

  • Mobile banking Trojans: As mobile banking grows in popularity, an increasingly grave problem in the cybersecurity world is mobile banking viruses. In 2017, mobile banking Trojans attacked close to 260,000 users across 164 countries. Attackers masquerade as a legitimate banking app to lure users into installing it, only to steal their credentials.

  • SMS malware: This form of malware will manipulate a mobile phone to send premium-rate text messages, often without the user noticing until they receive a shocking bill at the end of the month.

How Your Mobile Phone Can Get Infected

By far the most common way that your device may become infected is if you download a malicious app. Cybercriminals may pirate an existing app and list it on a third-party app store with hidden malware attached, so that users who download the app invite malicious software onto their devices.

Hackers also exploit known vulnerabilities in an operating system, which is why it is paramount that you keep your device up-to-date with the latest software.

Another way you might expose yourself to an attack is by connecting to a public WiFi hotspot. As public WiFi is usually unencrypted, attackers can intercept the data stream between the user and the access point. Known as a "man-in-the-middle attack," this can enable intruders to eavesdrop on any conversations carried out over the compromised network.

What Are the Signs of a Malware Attack on Your Phone?

If you contract a virus on your computer, it can be quite straightforward to spot that something has gone wrong. You'll probably see hundreds of irritating pop-ups or find that your computer starts to randomly and sporadically crash.

The signs of an infection on your mobile phone, however, may be harder to spot. You may have some malware lurking in the background and corrupting your phone without even realizing it.

Key signs to look for are if your device suddenly begins to operate more slowly, or your battery drains more rapidly than usual. Far more than an indication that you need a phone upgrade, a noticeable and sudden drop in performance could be a sign of an infection.

Another tell-tale sign to assess whether you may have a virus on your phone is if you see sudden spikes in your data usage. This could be a result of a virus running background tasks that you aren't aware of, or trying to access the Internet in order to transmit data from your phone.

Strange charges on your monthly bill also could be symptomatic of a virus, as some malware can make money from sending premium texts from your phone without you noticing. Be sure to review your bill routinely so you can catch any dangerous viruses early.

How to Remove Mobile Malware

If you suspect that your phone may have been compromised, what steps can you take to remove malicious software?

You need to start by putting your phone into Safe Mode. You can do this by holding down the power off button until you're prompted to reboot your device to Safe Mode. The Safe Mode will disable all third-party apps, so if you find that your device then works smoothly, you can be confident that a virus is at the root of your problem.

Then go into your settings and to the apps folder. Scan for the app that you think might be the culprit, or for anything that you don't recall downloading. You can remove it manually by clicking the uninstall button.

Top Tip: Sometimes the uninstall button will be gray and won't respond when you tap on it, because the malicious app has granted itself administrator status. In that case, you need to go into the security settings and deactivate administrator rights for the malicious app in question. You then should be able to remove the app from the app list.

If you are still unable to remove the malicious software from your device, you will need to do a full factory reset. This can be achieved by going into your phone settings and erasing all data.

Be sure that you have backed up any important files before you do this, as you will not be able to retrieve your beloved photos and important contact list afterward.

Tips for Securing Your Mobile Phone

The most effective way to protect your phone from malware is to take preventative steps to reduce the likelihood of contracting an infection in the first place.

Following are our top tips for securing your mobile phone:

  1. Be wary of public WiFi hotspots. Do not access any sensitive information through public WiFi, such as logging into your bank or checking sensitive work emails, as a hacker may be able to intercept your communication through a "man-in-the-middle" attack. It is far more secure to use a 3G or 4G instead, or to use a VPN.

  2. Do not jailbreak or root your device. It may sound appealing to be able to download paid apps for free by jailbreaking your iPhone or rooting your Android, but this removes the protection from Apple and Google respectively. Proceed with caution if you do go down this route, or you may find yourself vulnerable to malicious apps.

  3. Only download apps from the official app stores. Savvy hackers have been known to slip past the walled garden of the App Store and the security measures of Google Play Protect, but your chances of downloading a malicious app are far lower if you stick to the official app stores.

  4. Update your operating system. Cybercriminals exploit vulnerabilities in operating systems to gain access to outdated smartphones. Be sure to install updates to your software as soon as a new version is released, to minimize this risk.

  5. Encrypt your device. Encrypting your phone will scramble all files so that only you have access to them. You'll need to enter a PIN or password to decrypt your phone every time you want to use it.

  6. Review your access permissions. Often when consumers download new apps they don't take the time to read the Terms & Conditions, or consider what data they are allowing the app to access.

Election Season Scams Target Civic-Minded Citizens

election-scam.PNG

On November 6th, citizens will cast their votes for governors, state officials, or members of Congress, either continuing to support the incumbent or opting to make a change with a new candidate. In any event, the work of campaigning and elections are big business…especially for scammers.

With so much discussion about the mid-term elections, thieves have launched a wide variety of election season scams to steal personally identifiable information, financial resources, or both.

1. Phishing attempts – Candidates and political parties rely on emails and phone calls to connect with voters, and scammers are using the same tactics. By posing as members of a campaign, scammers target their victims with phony donation requests, fake news articles that encourage them to click and input their information to read, and more. The goal in these scams isn’t just money, but also access to your personal data.

2. Donation requests – It takes a lot of money to put on an effective campaign, so political candidates often request donations, host fundraisers, and more. Thanks to online platforms, candidates or their team members can request money via social media and platforms like GoFundMe or PayPal. However, the natural mechanism that allows candidates to do that effectively also means a scammer can do it, too. Be on your guard for similar names, “patriotic”-sounding organizations, and issue or party-centric groups that are not actually affiliated with anyone campaigning.

3. Fake robocalls – There have already been reports of robocalls associated with particular candidates for promotional purposes, and remember, charitable organizations and political ads are two of the categories that are exempt from the Do Not Call registry. However, some of the robocalls have not only been spoofed or use stolen recordings of the candidates, but some of them have also even been highly offensive and designed to get the listener to interact.

So how are you supposed to protect yourself from elections season scams? By using the exact same good habits that are designed to keep you safe from scams throughout the year. Never give out your information or verify your identity to someone who contacts you; never make a spur-of-the-moment donation or spontaneously pay a fee, fine, or bill; remember that anyone can create an email account or website, and it doesn’t take any effort or know-how to copy or mimic an existing organization.

Election Hacking: How to Keep Your Vote Secure

election-hacking.PNG

As an individual voter, there is very little you can do to keep your own vote secure and safe from hacking, manipulation, or fraud. The most effective action you can take, if this subject is important to you, is to contact the elected officials in your area who are actually responsible for securing elections against hackers and raise your concerns.

On a personal level, here are some tips to secure your vote and make sure it counts:

If you vote via paper ballot and optical scanner:

  • Read the instructions on your ballot, and make sure that you mark the ballot in the required fashion.

  • If given the option, scan the ballot yourself. Do not leave the ballot scanner until you see that your ballot was accepted.

  • If not given the option to scan your ballot, ensure that your ballot is placed into a tamper-proof container by poll workers.

If you vote via a DRE voting machine:

  • Familiarize yourself with the touchscreen, push-button, or dial controls.

  • As you vote, pay close attention to each screen, and make sure the machine is correctly registering your choices.

  • If provided with a confirmation screen, carefully go through the list to make sure that it lines up with the choices you made.

  • Ask poll workers if the machines are equipped with a voter-verifiable paper trail. If they are, make sure to examine your ballot receipt carefully when you are done voting. If it doesn't match the actual choices you made, you may be able to mark it spoiled and try again. If it still doesn't match, bring it to the attention of poll workers. The machine may be calibrated improperly.

If you vote via mail:

  • Voting via the mail is generally considered to be secure, as the primary vector for attack involves stealing and altering ballots after they have been placed in a mailbox or drop box.

  • If possible, avoid putting your ballot in an unsecured personal mailbox.

  • Use a secure mailbox if possible, or take your ballot to a designated drop off point.

Cathay Pacific Hacked, Compromising the Data of Millions of Passengers

Cathay-Pacific.jpg

Cathay Pacific Airways Limited, the flag carrier of Hong Kong, admitted having suffered a major data leak affecting up to 9.4 million passengers.

Exposed data includes passport numbers, identity card numbers, email addresses, and credit card details were accessed, information exposed varies for each affected passenger.

“As part of our ongoing IT security processes, we have discovered unauthorized access to some of our passenger data.  Upon discovery, we took immediate action to contain the event, and further strengthen our IT security measures.” reads the official statement published by the airline.

The IT staff at Cathay discovered an unauthorized access of systems containing the passenger data of up 9.4 million people. Hackers also accessed 403 expired credit card numbers and twenty-seven credit card numbers with no CVV were accessed.

The company is notifying the affected passengers through multiple channels.

“We are in the process of contacting affected passengers, using multiple communications channels, and providing them with information on steps they can take to protect themselves,” said Cathay Pacific Chief Executive Officer Rupert Hogg.

“We have no evidence that any personal data has been misused.”

“The following personal data was accessed: passenger name, nationality, date of birth, phone number, email, address, passport number, identity card number, frequent flyer programme membership number, customer service remarks, and historical travel information.” Hogg added.

The company immediately reported the incident to the authorities and launched an investigation.

At the time there is no news about financial compensation for affected passengers.

Anyone who believes they may be affected can contact Cathay Pacific in the following ways:

  • Via the dedicated website – infosecurity.cathaypacific.com – which provides information about the event and what to do next

  • Via Cathay Pacific’s dedicated call centre available after 12:30/25OCT (GMT+8) (toll free numbers are available on infosecurity.cathaypacific.com)

  • Email Cathay Pacific at infosecurity@cathaypacific.com

5 Most Prevalent Phishing Subject Lines

phishing.PNG

Chances are good there's a phishing scam lurking amid your emails right now. If there isn't, then perhaps there will be tomorrow, or the next day. The question is, will you fall for it?

Phishing emails are getting tougher to block because attackers are crafting their bait to be more convincing to targets, researchers report. And employees are quick to open potentially malicious emails, even when they know they should be on alert.

Here's a look at the most commonly used phishing subject lines, the messages they include, and what they reveal about their attackers' goals and tactics.

'Assist Urgently'

Attackers convey a sense of immediacy when they don't want targets to dwell on their choice to act. It's something they want you to make a decision on quickly.

Maybe the note won't say "assist urgently," but a similar prompt for employees. Related subject lines he commonly sees include "Review" or "Quick Review," both of which demand a person to take action. 'Important: (1) NEW message from' is another popular one.

'Invoice'

"Invoice" is seen in six of the top ten phishing subject lines detected. Financial motivation is far in the lead when considering phishing subject lines.

While the top six scams differ in message content, all try to lure their targets with the word "invoice" as the subject line. Money is a powerful motivator. Attackers know it, and they're using it to their advantage.

'Verify Your Account'

This subject line has less to do with direct financial gain and more to do with credential theft. While there may be a financial component to these types of attacks, credential phishing is typically done to gain a foothold inside a target network.

When talking about this idea of credential phishing, 'verify account' is designed to get you on a landing page to validate your credentials. Attackers want your username and password. To get them, they might try to impersonate a brand you frequently use.

'AMAZON: Your Order no #812-4623 might have ARRIVED'

These types of emails are frequently seen around the holidays. Certain types of attacks were more prevalent during different times of the year: financial and tax-related scams arrived around tax season, and fraudulent messages about deliveries show up at Christmastime.

Most people who frequently shop on Amazon will investigate emails like these to see which order it's referring to, or remind themselves of what they purchased. They'll click the link to see what they ordered, and they realize they've already infected their machine.

'Copy' or 'Document Copy'

While malicious links are increasingly commonplace in phishing emails, attachments continue to be popular – and effective – especially in emails related to invoices, payment notifications and statements, or alerts associated with online ordering and billing.

This aligns with the trend of attackers improving their understanding of business context. If they know employees frequently send documents, they know a malicious spreadsheet or Word file won't seem out of place.

The fact that many phishing subject lines are short – only one or two words – is indicative of attackers' understanding that modern business communication is relatively informal. People in a business context do things in a hurry. It doesn't have to be specific.