July 17, 2014 No Comments-
If Newton was alive today – and was a computer security expert – he might suggest that for every large, worldwide event, there’s an equal and opposite malware campaign launched by ambitious criminals.
This World Cup was no exception. While the world’s greatest footballers were competing in Brazil, some of the world’s most tech-savvy criminals were attempting to trick potential victims with into clicking malware-containing emails and apps.
What World Cup dangers were there?
Email is the typical method for tricking users during a worldwide event, and this World Cup wasn’t an exception.
The criminals’ technique is to send victims an email with an interesting-sounding subject line – this could anything from free tickets to Brazil to a gossip-fuelled story regarding world-cup biter Luis Suárez. If someone opens one of these links, malware will be automatically downloaded onto their system.
It’s a technique that’s been used for decades now, and although it still affects people, an increasing number of users have grown wise to it (partially thanks to security blogs like this one constantly reminding users not to click links in unsolicited emails).
For 2014, criminals have been trying more inventive ways to trick users. For perhaps the first time, mobile phones apps were the infection method of choice for people looking to exploit a major global event.
These criminals target Android mobile phones, because it allows users to choose whether or not they want to download apps from unofficial sources. There are many legitimate reasons to download apps from outside of the default Google Play store, but in doing so users open themselves up to an unprotected experience.
Inside the Google Play store, Google employes vet and veto apps that contain malware, constantly monitoring submissions for suspicious behaviour. It’s like they run a giant anti-virus scanner on their store – only very rarely will malware sneak through.
By choosing to install apps from outside the Google Play store, there’s no virus scanner, so bad things are much more likely to happen. A recent study showed that 99.9% of Android malware infections came from apps installed outside the Google Play store.
What can I do?
The simple solution to boot malware related to worldwide events is to avoid any suspicious-looking links or downloads.
If it’s a breaking news story, you’ll be able to find it on one of the big sports news websites. If it’s an information app, there are almost certainly more reliable ones from big providers.
Norman Safeground Blogs Archive