November 13th, 2013
Protecting your phone from malware attacks
NEW YORK, NY - New malware is targeting smartphones with Android operating systems. The Better Business Bureau is warning the owners of Android devices, who may not be familiar with these new forms of malware, about the need to take precautions.
Reports of these malware complaints have come from the Federal Bureau of Investigation (FBI). Two versions of the malware are hitting the Android systems in different ways. Loozfon is similar to phishing emails that lure users with offers of prizes or fast cash. By opening the email, the link pushes the malware onto the device and enables it to steal the address book and its contents. The second, FinFisher, uses text messages or links to load the malware onto the phone. Once installed, FinFisher is able to control and monitor the mobile device, regardless of its location.
“It is important to understand the different ways that malware can infiltrate a mobile device,” said Claire Rosenzweig, President and CEO of the Better Business Bureau Serving Metropolitan New York. “By understanding how it works, consumers can better protect their phones and their sensitive information.”
The BBB advises that mobile device users follow these steps:
• Understand how malware works. Be aware that malware can infect Android phones through spam emails or text messages, as well as through rogue websites.
• Do not open messages from unknown senders. Do not click on any links and don’t reply to suspicious email or text messages from unfamiliar parties - don’t even respond with a request to stop sending messages. This may confirm that a spammer has reached a valid address. Completely delete spam messages. If you click on questionable links or messages, and you have a virus scan feature on your phone - run a full scan immediately.
• Ask your phone’s carrier how to block spam email or text message senders. Then send a block request whenever necessary to avoid getting additional spam from that source.
• Do not store personal financial information or financial account logins on your phone. Avoid sending such information in emails that could be stored on your phone, as well.
• Manage your software. Make sure that your phone’s software is kept up-to-date to better protect the phone. Be sure you download only legitimate software, and look to see what permissions you are giving before you download any new applications. Check to see whether anti-malware software is available for your phone, and find out how that software might affect battery life.
• “Jail-breaking” a device could make it more vulnerable to attack. If this is the case for your phone - be extra careful.
• Never connect with unknown wireless networks. They could be a conduit that captures information passed between your device and a legitimate server.
• Make the most of your phone’s protective features, including the default settings. Turn off features you don’t use to minimize the opportunities for attack. Use a passcode to protect your device. Set the screen lock feature to lock after a few minutes of inactivity.
• Wipe the device (reset it to factory default) if you sell or trade-in your handset to avoid leaving personal data on the device.
For more tips you can trust, visit www.newyork.bbb.org, and to sign up for our weekly scam alerts.
For 100 years, Better Business Bureau has been helping consumers find businesses, brands and charities they can trust. The BBB Serving Metropolitan New York was founded in 1922. Please visit www.bbb.org to learn more information.