Digital Pickpockets Are Now Targeting Your
Smartphone
Image credit: shutterstock
CONTRIBUTOR
Chief Consumer Security Evangelist at Intel
JANUARY 4, 2016
The scourge of viruses, Trojans and other malware has
long been a familiar foe for desktop PC users. As iPhone
users in China recently discovered, these digital
nasties are no longer confined to traditional computers and are already a very
real threat to the security of mobile devices, such as smartphones, tablets and
wearables.
Few smartphone owners seem to realize this risk,
despite the fact that our smartphones have become a veritable treasure trove of
digital booty -- photos, passwords, emails and texts, location
data and more. To enterprising malware engineers, scammers and bad actors,
sneaking into a smartphone may be the ultimate jackpot. Consumers aren't
without options, however, and taking a few quick and easy precautions vastly
decreases the risk of becoming a victim.
1. A need for consumer awareness
Because of their unique status as a digital catch-all,
and the fact that smartphones are often used in locations that lack traditional
safeguards such as firewalls, smartphones actually require more protective
measures from malicious interlopers than PCs.
And yet last year's State of the Net by Consumer
Reports found that just 7 percent of mobile phone
owners use any form of encryption and little more than a third even bother
using a PIN. That's a terrible track record. No wonder then that McAfee Labs recorded
a jump of malware sampleson mobile devices by nearly 50
percent in just the first quarter of this year
2. Apps too eager to ask permission
While the volume of malware is certainly alarming,
what’s of particular concern is the manner in which it gets onto devices. In
particular malware writers have begun targeting apps directly rather than
going after devices. The result is that users blindly trust app stores and
install apps that have been compromised, unwittingly infecting themselves in
the process.
This is made effective in large part due to overly
aggressive apps that require far too many permissions to access user and
device data than is logical or necessary. Take for example flashlight
apps that needlessly demand the ability to perform a host of unwanted
functions, like the ability to delete apps, track your
location and even fiddle with your phone's software. Games are the most popular
downloads on app stores, and as a category are notoriously pushy with
permissions that needlessly put users at risk.
3. Desperate times call for commonsense measures.
There is, unfortunately, no completely foolproof way
of foiling all the malware all of the time. But by using a few simple and
sensible precautions the vast majority of risks can be averted.
4. Regularly update your phone's software.
The easiest, and most effective step you can take to
protect your personal data is to install the periodic updates to your
smartphone's software. Besides adding features, they typically include crucial
security fixes you won't be able to get otherwise.
5. Turn on provided security features such as device encryption and locate
and lock.
Your phone comes with a comprehensive array of free
security tools. Enable them, and be familiar with their use such as how to
locate a lost device and lock or even wipe it clean of data remotely.
6. Be mindful of permissions.
When you install an app, you grant it access to
various types of information on your device, such as your contacts, your
photos or your location. Before installing an app, look at the permissions
it asks for and decline if it's needlessly aggressive -- why does that
restaurant review app need access to your photos, for instance?
7. Stick with official app stores.
While malware-laden apps have on occasion slipped past
the guards, consumers are far more protected from installing malicious apps and
services when patronizing app stores from the big players -- Amazon,
Apple, Google, Microsoft -- than ones from third-party stores or sites
that aren't accountable to anyone.
8. Resist clicking on unknown links in texts and emails.
Just like you would with oddball links in email
messages, don't click on a hyperlink in a text or email unless it's from
someone you know -- and you're expecting it. Better yet, protect yourself
further by going into your settings on your mobile phone and turning off
auto-download for MMS (multimedia) messages to prevent your phone from
installing anything without asking first.
Our mobile devices give us unprecedented connectivity,
productivity and convenience. However, with cybercriminals ramping up their
mobile skills, now more than ever, we need to be mindful of the risks and take
the appropriate steps to protect ourselves as we enjoy the convenience they
enable.
Sem comentários:
Enviar um comentário