In this 4-part series you’ll learn why mobile security matters. We’ll explain common threats, debunk myths, and give you the tools to protect your phone and data -- all while speaking a language you still understand. This is part one. Stay tuned for next week’s chapter on Surveillanceware.
Imagine opening your phone only to find a message from the FBI accusing you of illegal activity. After frantically swiping and clicking every button possible, you realize you cannot gain access to your phone.
The option presented to you is this: pay money to get your device back or be subject to a criminal investigation for some scary accusations: child pornography, zoophilia, and more.
Unfortunately, if you encounter this or a similar scenario, your phone is probably infected with mobile ransomware.
What is ransomware?
Ransomware, like its name suggests, is a type of malware that holds your phone and data hostage for a price. This type of malware locks your device’s screen, blocking you from accessing any of your device’s features: phone, texts, apps, camera, emails, etc.
Example of ransomware.
In the majority of cases, restarting or factory resetting your device leads nowhere. Equally, there is no guarantee that your phone and data will be returned, if you do pay the ransom. Ransomware is, unfortunately, very difficult to remove. Individuals believe their device, including the contents on that device — emails, contacts, photos, and more — is worth upwards of $14,000, according to a recent Lookout study. Our smartphones have become our most personal devices and they mean a great deal to us. Nearly 75% of people (NBA stars included) admit that they are addicted to their phone, so it’s not a big leap to assume many would consider paying the ransom to see it safely returned.
In order to avoid falling victim to mobile ransomware, you must first understand how it operates. Similar to other types of malware, ransomware can land on your phone in a few different ways.
How does ransomware get on your phone?
A mobile drive-by download attack occurs when you visit a compromised website that secretly downloads an app on your phone.
By 2020, smartphones will account for 80% of all mobile data traffic, meaning, we connect to the Internet a lot on our phones. It’s very possible that at some point, you’ll inadvertently visit a malicious website.
This was the case for a variant of ransomware Lookout discovered in late 2014 called “ScarePakage.” In the span of one month, roughly 900,000 people were targeted.
If you have an email or social media account, it’s likely that you’ve received a phishing message. Phishing is a common attack tactic that tricks you into clicking on a link or downloading a file. Phishing emails could be disguised as an urgent message from your bank, notification from the federal government, and in some advanced cases, an email from your best friend or coworker.
If you’re fooled into clicking a malicious link, you could then be redirected to a compromised website that initiates a ransomware drive-by download. Likewise, downloading an attachment directly from the email can have the same end result.
Downloading from third-party stores
To some extent, unofficial app stores don’t patrol their marketplaces as diligently as official stores, like Google Play or the Apple App Store. Naturally, ransomware authors who are looking to make a quick buck, are looking for the path of least resistance -- this means targeting third-party stores where requirements for entry are less severe.
Oftentimes, malware authors go one step further. In order to slip under the radar and coax users into downloading, ransomware has been known to masquerade as fake versions of legitimate apps, such as Adobe Flash or anti-virus products.
Fortunately, there are simple security measures you can implement to avoid stepping into a ransomware trap.
Here’s how you avoid ransomware
Activate a mobile security app, like Lookout, that works in the background to alert you if your device has been compromised. Lookout scans every new app you download and monitors the existing apps on your phone. If a security alert is triggered, you’ll receive a notification immediately and be given the option to remove the app.
To perform a security scan with Lookout: Security > Scan Now
If you don’t already have Lookout, you can download it here:
Avoid shopping in third-party app stores
As easy as it may be to venture off the beaten path, stick to downloading from official marketplaces like Google Play, the Apple App Store, or the Amazon App Store. Using discretion is always in your best interest. If the app looks shady, it just might be. If you’re still unsure, take a quick look at the app reviews before you hit the download button.
Don’t grant Device Administrator to just anyone
What’s Device Administrator?
Device Administrator is a functionality in Android phones that allows mobile apps access to the system level of your device. For example, security apps, like Lookout, often need access to this layer of your phone to perform actions like wiping it, if a person initiates this action. While Device Administrator can be an effective tool for managing your security, in the wrong hands, it could open up the doors to major security issues.
Think of Device Administrator as a privilege. In order to gain this access, apps must request permission upon download, usually in the form of a pop-up. Yes, this means you’ll actually have to read through the app’s welcome screens.
Ask yourself whether it makes sense for a particular app to have Device Administrator permission? Is it credible? You hold the key to this vault, so don’t give it out freely.
To review (or remove) the current list of apps who have Device Administrator privilege:
Exercise caution when using your smartphone
It sounds like common sense, but simply being alert can can make a difference. Your smartphone is powerful and gives you the freedom to browse the web, access email, and so much more. Keep your eyes open for emails and websites that look shady or sound too good to be true. If that’s the case, they probably are.
Backup your data
If ransomware takes your device hostage, you risk losing all the data on your phone. Even if you agree to meet the attackers' demands, there’s no guarantee it will be returned safely. Performing frequent backups can go a long way in protecting your data and ensure you have options in the event that ransomware hits your phone.