Get in Touch

Traditional ransomware like WannaCry has been explained a thousand ways on a thousand blogs. But one thing you may not have thought about is what ransomware would be like if it infected your mobile device. Read on to learn more.

How does ransomware make it onto your Android device?

Like its desktop equivalent, mobile ransomware needs to be installed on your device before it can do damage. For Android devices, this means mobile apps that hide their true intent. There are two ways to install programs on your mobile device: downloading them from app stores like Google Play and Amazon Appstore, or downloading them directly from websites and email links.

Surprisingly, both come with risks. Unverified sources often advertise free apps that hide malware, and the best of these can occasionally avoid detection and be allowed into monitored app stores.

What does mobile ransomware look like?

Similar to ransomware on personal computers, mobile ransomware holds data stored on your device hostage and demands ransom. For example, in the case of a ransomware that came with the "OK" app, a popular Russian social network platform that was infected earlier this year, a user is prompted to change device settings. There is no option to close the prompt and tapping Accept locks everything down and leaves you with nothing but a ransom note.

How to protect yourself from mobile ransomware

First and foremost, avoid downloading apps directly from websites or third-party app stores. Additionally, make sure you turn on Google’s security system -- Verify Apps -- which scans all the apps about to be installed on your device for potential threats. You can do so by opening your Android's settings, choosing Security, tapping on Verify Apps, and activating ‘Scan device for security threats’.

Second, install antivirus software on your device and keep it up to date.

Third, back up important files from your device to either a USB disk, a computer, or any cloud-based services. This way, you won’t lose your valuable data if you are forced to factory-reset your device.

Last, if ransomware made its way into your device, don’t pay. According to IT security company ESET, mobile ransomware very rarely includes programming to reverse the damage it has done.

Losing any type of data is an enormous inconvenience, but businesses need to be especially careful about careless employees. Data loss could result in lawsuits or regulatory fines, so it’s important that you know how to safeguard your Android against ransomware.

For more in-depth advice on how to protect yourself and your business from this threat, get in touch with our experts today.

Published with permission from TechAdvisory.org. Source.

Emma loved tweaking photos on her Android phone.

She’d heard rave reviews from her friends with iPhones about Prisma, a new iOS app for image editing. So when she heard Prisma would soon be released for Android, she logged in to the Google Play Store to see if it was there yet.

To her surprise, she found one that looked just like what her friends were describing. Delighted, she downloaded and started using it. Meanwhile, the app—a fake—was busy installing a Trojan horse on her phone.

When she got to work the next day, she connected her phone into the company wi-fi network as usual. The malware jumped from her phone to the network. Yet no one knew. Not yet, but that was about to change…

Now, this isn’t necessarily a true story (at least, not one we’ve heard of—yet…), but it absolutely could have been. And similar situations are unfolding as you read this. Yes, possibly even at your company…

Fake apps exploded onto iTunes and Google Play last November, just in time for Christmas shopping. Apple “cleaned up” iTunes in an effort to quell users’ concerns, but hackers still find workarounds. Unfortunately, these fake apps pose a real threat to the security of your network. Especially if your company has anything but the strictest BYOD (bring your own device) policies in place. And the more your network’s users socialise and shop on their smartphones, the greater the risk of a damaging breach on your network.

Fake apps look just like real apps. They masquerade as apps from legitimate merchants of all stripes, from retail chains like Iconic and Footlocker, to luxury purveyors such as Christian Dior. Some of the more malicious apps give criminals access to confidential information on the victim’s device. Worse yet, they may install a Trojan horse on that device that can infect your company’s network next time the user logs in.

So what can you do?

First, keep yourself from being fooled. Anyone can easily be tricked unless you know what to look for. Take the following advice to heart and share it with your team:

Beware of Fake Apps!

In case you weren’t aware, one of the latest and most dangerous Internet scams is fake apps. Scammers create apps that look and behave like a real app from a legitimate store. These fake apps can infect your phone or tablet and steal confidential information, including bank account and credit card details. They may also secretly install on your device malicious code that can spread, including to your company network.

Take a moment and reflect on these nine tips before downloading any app:

  1. When in doubt, check it out. Ask other users before downloading it. Visit the store’s main website to see if it’s mentioned there. Find out from customer support if it’s the real McCoy.
  2. Check the Spelling. Many fake apps are made in haste, often where English is not a native tongue. Many have broken English grammar. Users should pay attention to spelling and grammar in any app descriptions if they have any doubts about its originality.
  3. Check the reviews. If you do decide to download an app, first check it’s reviews. Apps with few reviews or bad reviews are throwing down a red flag.
  4. Check the Developer’s Name. Users need to check for the name of the developer in the corresponding category, and avoid downloading apps that have a wrong or misspelled developers’ name
  5. Never, EVER click a link in an e-mail to download an app. Get it from the retailer’s website, or from iTunes or Google Play.
  6. If in doubt, directly type in a store’s website in your browser. and look for an icon or button that reads "Get our app." This will take you to the App Store or Google Play store where you can download the correct app.
  7. Offer as little of your information as possible if you decide to use an app.
  8. Think twice before linking your credit card to any app.
  9. Check the Deal. If it sounds too good to be true – it probably is.

Most importantly, get professional help to keep your network safe. It really is a jungle out there. New cyberscams, malware and other types of network security threats are cropping up every day. You have more important things to do than to try and keep up with them all.

Also, ask your IT professional about implementing a best practice BYOD policy for your organisation.

Nowadays, smartphones are filled with all sorts of personal data including contacts, schedules, photos, videos, documents, and more. Whether you're selling or giving away your old phone, you'll want to both save this personal data and prevent others from gaining access to it.

Here are a few steps to prepare your iPhone or Android phone for its new owner:

iPhone

  1. Back up the data on your smartphone using iTunes – iCloud users may be able to skip this step.
  2. Deactivate apps which lock your phone to your online identity, such as iMessage and Find my iPhone.
  3. Remove your sim card to protect your contacts and call logs.
  4. Perform a factory reset to return your device back to it's original state. Within settings, go to “General" and then "Reset.” Next, select “Erase all Content and Settings.”

Android

  1. Make sure your contacts, calendar entries, documents and settings are synced with your Google account. You can also use an all-in-one backup software of your choice.
  2. Back up your photos and videos to your own computer or a cloud storage service such as Dropbox, Flickr, or Microsoft OneDrive.
  3. Back up your text messages and call log using the app of your choice, or the option supplied by your service provider.
  4. Deactivate any apps which lock your phone to your online identity, such as Android Device Manager.
  5. Remove your sim card to protect your contacts and call logs.
  6. Remove any memory cards which may otherwise contain sensitive information.
  7. Enable encryption (usually found in Settings under "Security") to ensure that no-one can recover any data from your device after you perform the following step.
  8. Perform a factory reset to return your device back to it's original state.

Once you've reset your old phone to its factory settings, you may want to unlock it. Unlocking a smartphone allows it to be used with various service providers. If you don't unlock your phone, it will be tied to your service provider and may be harder to sell.

Some older smartphones (like Blackberries) also have separate mini-SD storage cards used to store photos, etc. Ensure you remove this card or delete the data on this storage device as well

Sales
Support
Email
SHOPCUSTOMER SUPPORT CENTREEMAIL SUPPORT
Sensible Business Solutions © 2021 All Right Reserved
Privacy Policy
magnifiercrossmenuchevron-down