Eight out of ten people use smartphones regularly, and the trend is rising. Unfortunately, there is a growing trend in the development and distribution of “mobile malware” as well.
Mobile malware is malicious software specifically designed for mobile devices. Statistics on cybercrime now distinguish between different types of malware: phishing, social engineering, drive-by infection, downloading infected apps or exploiting security holes in mobile platforms are among the typical crimes. Most valuable are often bank and payment data that are either misused themselves or resold. Other variants focus on mobile end devices as simpler gateways to later infect or spy on company networks.
Not without reason the good advice is not to install apps from unofficial or unknown sources. Without independent testing or control, the risk is high. In the official Google or Apple App Stores, applications are subjected to various checks and tests before release. But even these checks are not 100% reliable. Apps with malware repeatedly manage to get into the official stores and sometimes spread widely.
Different strategies to deceive users
In order to deceive users after the automatic security checks, various strategies have been developed. According to an analysis by security researcher Lukas Stefanko from September 2019[1] on identified malware, these variants are most often found in the Google Play Store:
-
Adware
Unwanted pop-up ads earn the attacker commission.
-
Subscription Scam / Fleeceware
Apps that without permission charge much too high amounts, also as recurring subscription fees, via the PlayStore.
-
SMS Premium Abo
Malware that unintentionally takes out a paid SMS subscription.
-
Hidden Apps
After installation, the app hides itself to avoid uninstallation.
-
Fake App
Imitated and fake apps that look the same as the original application but contain malware.
In addition to these “Top 5” there are of course other variants. What they all have in common is a significant increase in pests over the last few months – unfortunately despite the increasing countermeasures taken by App Store operators.
Watch out for possible mobile threats
Besides the well-known tips such as regular updates and exclusive use of the official App-Stores, further precautions are highly recommended. Pay attention to which apps you install – especially fake apps look very similar to the originals, but sometimes (sufficient) ratings and downloads are missing. Observe the requested rights of the apps and – just like on the PC – do not open any suspicious emails on your smartphone or tablet. But also SMS and messengers like WhatsApp, Telegram, Snapchat and Co. are misused to send links, malware, spam, phishing or similar.
Additionally, security apps help to protect your data and devices. Also, pay attention to name and logo and a well-known developer! A test virus can help to test the functionality of your security app.
Link:
Mobile Security: Keep the control of your data on the smartphone
[1] https://lukasstefanko.com/2019/10/android-security-monthly-recap-9.html