| Individuals May 26, 2016


May 26, 2016

How to avoid paying ransom for your own device and data

By Lookout

Infographic_Week2_FINAL_600px
In this 4-part series you’ll learn why mobile security matters. We’ll explain common threats, debunk myths, and give you the tools to protect your phone and data -- all while speaking a language you still understand. This is part one. Stay tuned for next week’s chapter on Surveillanceware.
Imagine opening your phone only to find a message from the FBI accusing you of illegal activity. After frantically swiping and clicking every button possible, you realize you cannot gain access to your phone.
The option presented to you is this: pay money to get your device back or be subject to a criminal investigation for some scary accusations: child pornography, zoophilia, and more.
Unfortunately, if you encounter this or a similar scenario, your phone is probably infected with mobile ransomware.
What is ransomware?
Ransomware, like its name suggests, is a type of malware that holds your phone and data hostage for a price. This type of malware locks your device’s screen, blocking you from accessing any of your device’s features: phone, texts, apps, camera, emails, etc.
Example of ransomware. Example of ransomware.
In the majority of cases, restarting or factory resetting your device leads nowhere. Equally, there is no guarantee that your phone and data will be returned, if you do pay the ransom. Ransomware is, unfortunately, very difficult to remove. Individuals believe their device, including the contents on that device — emails, contacts, photos, and more — is worth upwards of $14,000, according to a recent Lookout study. Our smartphones have become our most personal devices and they mean a great deal to us. Nearly 75% of people (NBA stars included) admit that they are addicted to their phone, so it’s not a big leap to assume many would consider paying the ransom to see it safely returned.
In order to avoid falling victim to mobile ransomware, you must first understand how it operates. Similar to other types of malware, ransomware can land on your phone in a few different ways.
How does ransomware get on your phone?
Drive-by download
A mobile drive-by download attack occurs when you visit a compromised website that secretly downloads an app on your phone.
By 2020, smartphones will account for 80% of all mobile data traffic, meaning, we connect to the Internet a lot on our phones. It’s very possible that at some point, you’ll inadvertently visit a malicious website.
This was the case for a variant of ransomware Lookout discovered in late 2014 called “ScarePakage.” In the span of one month, roughly 900,000 people were targeted.
Phishing scams
If you have an email or social media account, it’s likely that you’ve received a phishing message. Phishing is a common attack tactic that tricks you into clicking on a link or downloading a file. Phishing emails could be disguised as an urgent message from your bank, notification from the federal government, and in some advanced cases, an email from your best friend or coworker.
If you’re fooled into clicking a malicious link, you could then be redirected to a compromised website that initiates a ransomware drive-by download. Likewise, downloading an attachment directly from the email can have the same end result.
Downloading from third-party stores
To some extent, unofficial app stores don’t patrol their marketplaces as diligently as official stores, like Google Play or the Apple App Store. Naturally, ransomware authors who are looking to make a quick buck, are looking for the path of least resistance -- this means targeting third-party stores where requirements for entry are less severe.
Oftentimes, malware authors go one step further. In order to slip under the radar and coax users into downloading, ransomware has been known to masquerade as fake versions of legitimate apps, such as Adobe Flash or anti-virus products.
Fortunately, there are simple security measures you can implement to avoid stepping into a ransomware trap.
Here’s how you avoid ransomware
Activate a mobile security app, like Lookout, that works in the background to alert you if your device has been compromised. Lookout scans every new app you download and monitors the existing apps on your phone. If a security alert is triggered, you’ll receive a notification immediately and be given the option to remove the app.
To perform a security scan with Lookout: Security > Scan Now
If you don’t already have Lookout, you can download it here: Screen Shot 2016-04-15 at 4.41.11 PM
Screen Shot 2016-04-15 at 4.41.21 PM
Avoid shopping in third-party app stores
As easy as it may be to venture off the beaten path, stick to downloading from official marketplaces like Google Play, the Apple App Store, or the Amazon App Store. Using discretion is always in your best interest. If the app looks shady, it just might be. If you’re still unsure, take a quick look at the app reviews before you hit the download button.
Don’t grant Device Administrator to just anyone
What’s Device Administrator?
Device Administrator is a functionality in Android phones that allows mobile apps access to the system level of your device. For example, security apps, like Lookout, often need access to this layer of your phone to perform actions like wiping it, if a person initiates this action. While Device Administrator can be an effective tool for managing your security, in the wrong hands, it could open up the doors to major security issues.
Think of Device Administrator as a privilege. In order to gain this access, apps must request permission upon download, usually in the form of a pop-up. Yes, this means you’ll actually have to read through the app’s welcome screens.
Ask yourself whether it makes sense for a particular app to have Device Administrator permission? Is it credible? You hold the key to this vault, so don’t give it out freely.
To review (or remove) the current list of apps who have Device Administrator privilege:
Screen Shot 2016-05-26 at 10.03.08 AM
Exercise caution when using your smartphone
It sounds like common sense, but simply being alert can can make a difference. Your smartphone is powerful and gives you the freedom to browse the web, access email, and so much more. Keep your eyes open for emails and websites that look shady or sound too good to be true. If that’s the case, they probably are.
Backup your data
If ransomware takes your device hostage, you risk losing all the data on your phone. Even if you agree to meet the attackers' demands, there’s no guarantee it will be returned safely. Performing frequent backups can go a long way in protecting your data and ensure you have options in the event that ransomware hits your phone.

Author

Lookout

Leave a comment

Submit


8 comments


Timothy says:

June 20, 2016 at 2:07 am

How come none of the promo codes are working?


Meghan Kelly says:

June 21, 2016 at 1:52 pm

Hi Timothy, I'm sorry, I'm not sure which promo codes you're referencing! Please reach out to our support team? Hopefully they'll be able to help you get this sorted out. support [at] lookout [dot] com


Umar Black says:

June 17, 2016 at 3:34 am

Great info!


Michelle chylik says:

June 16, 2016 at 7:30 am

My other android phone has the FBI virus. How do I get rid of it? It is an older phone, a Pantech Flex 8010.


Meghan Kelly says:

June 17, 2016 at 2:34 pm

Hi Michelle, unfortunately, ransomware is a tricky one to solve. If it has already taken over your device, you may experience data loss in removing it. Not all ransomware encrypts your data/blocks you from accessing it in the same. You could try to wipe the device or take it to a specialist to have a new ROM put on the device.


Jason Callis, Sr. says:

June 15, 2016 at 10:09 am

Thanks Lookout! This is why I love having a paid account with your service! You guys always keep us informed and "Look Out" for our best interest! Thanks for keeping us safe!


Meghan Kelly says:

June 15, 2016 at 2:35 pm

So glad to hear! Thanks for being a customer. :)


Kathy says:

June 14, 2016 at 11:38 am

I cannot find a Device Adminstrator setting on my iPhone! Lookout is working.


Meghan Kelly says:

June 14, 2016 at 11:58 am

Hi Kathy, unfortunately because settings vary from Android OS to Android OS, we tried to provide one of the most common ways to find device administrator. I'd get in touch with your carrier or research your particular device type and OS version to find out how to check for device administrators on your phone. If you have Lookout, though, we're watching out for you and would alert you if you ever came in contact with ransomware! Thanks for being a customer.


Lex says:

June 15, 2016 at 7:12 am

Goto Settings> Lock screen and security> Other security settings> Device administrators.


+ Load more comments