You might be giving consent to phishing on your mobile device or computer

News about phishing is published constantly on the Internet and TV, warning people about several threats detected every day in emails, phone calls, social engineering, webpages and social media such as Facebook.

However, not everybody pays attention to this news since the majority are not aware of what phishing really is or what it looks like.

Phishing is an online scam designed by cybercriminals to steal money and personal information from your computer or mobile device, ironically, with your consent.

The way criminals do this is by posing like a legitimate company, organization or bank in order collect sensitive information such as usernames, passwords, credit card details and in some cases money.

The best way to avoid being a victim of phishing is by knowing how to recognize it. The following are examples of the most common ways criminals attack:

Phishing Email:
When you get an email from your bank, social media account, school, etc. requesting verification or some kind of urgent action, pay attention to the following signs to detect phishing:

Email Phishing

Generic greeting: since email phishing is sent in large quantities, criminals use generic names such as “Dear valued costumer”. If you don’t see your name in the email, be suspicious.

Forged Link: Phishing is all about posing as a legitimate company, that’s why emails will look exactly as the genuine company layout. Pay attention to the links that they are asking you to go to, and read if they are actually going to the company’s site or to any other random, unfamiliar one. Another way to do this is by looking at the URL, in most cases the URL should start with “https”, the s stands for secure and if you don’t see it, don’t proceed.

Request sensitive information: If an email is requesting sensitive information such as ID data, credit cards or passwords it is probably phishing. Pay even more attention to the URL or link you are at.

Sense of urgency: Cybercriminals want to get your information ASAP. That’s why they will create threatening or confusing messages to get you to act immediately.

Phishing website:

2-16-2013 2-39-23 PM

Poor resolution: This websites are usually poor quality. Be suspicious if the logo, text or resolution is poor.

Forged URL: Some webpages will masquerade their URL with names similar to the company, however always look for the s in “Https” that will tell you if the webpage is secure. Also, look out for URLs that begin with an IP address, such as: http://12.34.56.78/firstgenericbank/account-update/ — these are likely phishes.

Forged URL’s cannot show a domain path, what this means if you are at “http://www.paypal.com” and entering information, be cautious. There should usually be more to the URL. Paypal would not have you enter any information on their home page! This is a masqueraded URL!

Social Media Phishing:

twitter2-phish-small-private-with-direct-message-v3

Phishing in social media is increasing since people are more social and trusting. Cybercriminals know that and are pushing messages containing threats that accounts will be blocked if users don’t verify information, or promising interesting content such as games, videos or pictures.

So, be aware and pay attention to URLs, layouts, and the types of information you are required to give. Be cautious and keep your antivirus, such as MyAntivirus, updated and running since they can detect scams like phishing and malware behind it.

Don’t let malware score a goal against you in the world cup

malware. worldcup. BLOG

Cyber crime can score a goal against you during this world cup as mobile malware is becoming more spread, stealing information, exhausting the life of your devices or money with apps that you install in your mobile devices.

Hackers are targeting IOS but hitting harder on Android devices, as 99% of cybercrime in the first quarter of 2014 targeted Android. Due to the open architecture of Android, it has allowed the increase of threats such as mobile banking Trojans.

Another kind of popular malware being found is Ransomware, a type of malware that locks your device and holds the victim ransom until payment has been made, making it very difficult to uninstall.

Also, malware spreads easily and quickly through social media such as Facebook and Twitter. Impressive pictures or videos are the most common ways to lure victims to download them.

giant-snake-3

Nowadays, with the world cup at the highest peak many football fans around the globe follow the latest news and applications in search of a variety of pictures, videos and games.

But for people not aware of these threats, a large portion of these apps are malware and they are set to read your private messages, identify your location or steal your bank account information.

To prevent this, it is not only important to have an antivirus like MyAntivirus but also to read the application permissions before install which require access to your contact list or to pinpoint your location. Some malware can send SMS messages that cost you money or install other malware apps without your knowledge.

The world cup, as any other big event in the past, is becoming a great hook for hackers to attract victims.

Caution is always advised, so get a good antivirus such as MyAntivirus to prevent the installation of malware but also, think twice before agreeing to intrusive app permissions and pushing the install button.

Why Google is wrong and why mobile antivirus is needed

Android malware

“Mobile anti-virus is not needed”, says Google’s head of Android security. Speaking to journalists at the company’s Mountain View headquarters in California, Adrian Ludwig states that there’s no reason to install something in addition to the security that Google provides.

Nevertheless, fragmentation among the different manufacturers remains one of Androids security problems that Google is trying to tackle in the new versions of Android. Google claims that Android antivirus apps are pointless and just scams.

With the upcoming release of the Mobile Cloud Labs new Android Security Suite we couldn’t disagree more. Not all Android antivirus applications are equal though. Through both internal testing conducted at Mobile Cloud Labs and independent tests, we have shown just the opposite of what Google states.

In fact, we agree that Android is most definitely a secure system as it is built on top of Linux with several design features that add layers of protection. Google is right from the standpoint that a true “antivirus” may not be needed.

Viruses by definition are self-replicating and typically inject themselves into files and other executable applications, which without a rooted Android phone is extremely difficult to do on an Android device.

However, Antivirus companies label their products as “antivirus” because that is what people have learned to look for coming out of the Windows era. What is definitely possible with Android that most good “antivirus” apps protect against, are classifications of malware such as “Spyware”, “Ransomware”, “Trojans”, and “Scareware”. These types of applications can steal your information, cause unexpected behavior and slow down your mobile device.

Android malware is typically built into simple unsuspecting apps such as flashlight apps, battery apps etc. If you download a flashlight app for your Android device and it requires any special privileges (presented to you before download), this is the first sign of bad intention by the distributor and possible malware.

The team behind Mobile Cloud Labs knows this because they have written proof of concept applications internally in order to know what to look for and what to protect against in our upcoming Android Security Suite.

Google is correct in the fact that mobile antivirus is not needed. Where they stand corrected is that the majority of mobile antivirus apps on the market are actually protecting against other forms of malware not necessarily viruses. These apps are marketed that way because face it, when was the last time you searched for “anti malware”?