Lookout, the guys behind some of our favorite mobile security software, is constantly looking at apps from around the world. In fact, they analyze some 30,000 titles per day, always keeping an eye on things. This week sees them compiling its first list of Relentless Mobile Threats to Avoid. As Lookout sees it, these are the sort of threats that anyone and everyone should be aware of and avoid. Even those living in the United States.
They represent the threats that our researchers see as being among the most likely to land on your mobile phone. These threats can steal personal data, spy on consumers, and potentially cause people to lose control of their device.
Below are some of the key threats of which you should be proactive and vigilant. Broken into four categories, you’ll not only learn about the bad stuff, but you’ll also learn ways to protect yourself.
It sounds like the stuff of James Bond, but “surveillanceware” can be scary because it can spy on everything you do with your phone. The malware accesses personal data stored on the device and continues to collect new information based on your activity on the phone (envision a husband looking for evidence of his spouse’s cheating). It can collect photos and videos, record audio conversations, and log websites visited. And with all this data at the malware author’s hands, victims could be at risk for identity fraud.
How can people stay safe? Lock the device with a pin or passcode. It’s more difficult for someone to install unwanted software if the phone is protected, although not impossible (see below).
Phones for Ransom
Ransomware is a nasty type of malware. Bad guys use it to lock a victim’s device and demand money in exchange for regaining control over the device. Some ransomware tries to frighten the device owner by, for example, falsely claiming that the FBI will investigate the victim, or using the device’s camera to take a picture of him or her. Ransomware is extremely difficult to remove, and even paying the ransom doesn’t guarantee that the device will be restored to its owner. The malware can be secretly downloaded to a victim’s device when he or she visits a “malicious” website. It may also be distributed through spam campaigns, installed on the device when the victim opens an email attachment.
How can people stay safe? When ransomware is downloaded to a phone from a malicious website, it takes the form of an APK (Android application package). Often, it will disguise itself as an antivirus app or may in some way trick you into launching the app. To avoid this, do not grant applications administrator access to the device unless the app is reputable. Only download apps from trustworthy sources. Install a mobile security app on all mobile devices to detect these threats before they are opened.
Malware That Uses Your Phone Without Your Permission
NotCompatible can trick websites into thinking that Web traffic is coming from an infected phone when it’s actually coming from another destination. For example, ticket scalpers use NotCompatible to buy tickets through a victim’s phone to later
be resold. When they use the infected phone as a “proxy” to access, say, TicketMaster, that website then believes it’s the victim accessing it and not the real culprits — the scalpers. In essence, NotCompatible lets would be criminals bury their identity and location by misdirecting their activities through an alternate unsuspecting user.
NotCompatible is downloaded to a person’s phone after they access a website that is secretly harboring malware. This is called a “drive-by download” and is only possible when the “unknown sources” setting on an Android is enabled. We’ve also seen links to sites secretly downloading NotCompatible in phishing emails.
How can people stay safe? Avoid opening spam email. Unexpected emails from long lost friends with generic titles such as ‘hot news’ or ‘Last all Night’ or ‘You Won $1000” are normally a good indication that an email is spam. Only click on websites you recognize, and avoid clicking on shortened links (like bit.ly) as it stops you from seeing what website you’re traveling to. Delete any file that your phone downloads unexpectedly. Disable the “unknown sources” setting in Android.
Some apps, like Candy Crush and Instagram, are free for consumers to use because they get money from advertisers. However, criminals have figured out how to sneak into ad networks and apps to reach consumer phones. Adware includes malicious ads masquerading as a legitimate advertisement, or malware hiding in legitimate ads in apps downloaded from app stores. Adware is by far one of the most common threats to mobile devices; In 2014, millions of people were affected by it. Lookout flags adware based on these guidelines.
How can people stay safe? Check the app reviews for complaints about ads, and review (and be ok with) the personal information the apps you download collect.