Threats by malware and fraudsters on the rise


Ever hear of Industroyer? – one of the biggest malware threats to critical infrastructure of countries, or Stuxnet, a computer worm, discovered in June 2010, that was specifically written to take over certain programmable industrial control systems? Neither had I until I was doing some research and read a press release from ESET, a global digital security company, protecting millions of customers and hundreds of thousands of companies worldwide.

We might say we are small fish in this huge sea of internet applications. But we are all using some sort of mobile application to make our world go round and don’t realise it until its not there anymore.  We are all invested into some sort of ‘instant communication service’ – the most popular being the apps on iOS and Android devices.  Signal has millions of users, Telegram having many millions more, with WhatsApp the undisputed global leader, with an estimated two billion monthly active users.

That popularity has attracted the scrutiny of ‘threat actors’ keen to find a way to invade your device and for some has ended up costing them and even their employer dearly.

Malicious developers have become proficient over many years at tricking users into downloading their wares.  Such as malicious apps which change your device’s settings and features and slow it down by flooding the device with unwanted advertising, making it difficult to use. Spyware and ransomware designed to eavesdrop on your conversations, messages and other information and designed to completely lock down your device until a fee is paid. Premium-rate services which malware may covertly use, racking up huge bills, including corporate cyberattacks designed to steal your work logins or data, with a view to accessing sensitive corporate data or deploying ransomware across a companies network.

According to ESET, if you inadvertently download and install a malicious app on your phone, it could expose you or your employer to a range of threats including, theft of logins for sensitive accounts, which could be sold to scammers. Theft of sensitive personal data, which could be sold on the dark web to identity fraudsters and theft of banking/financial information, which could be used to plunder your account.

Often, they will produce ‘malicious copycat apps’ designed to mimic legitimate ones. They distribute them via phishing messages in email, text, on social media or the communications app itself, taking you to a scam page and misleading you into installing what you believe to be an official app.

Or they could direct you to legitimate-looking fake apps that may occasionally make it through the strict vetting procedures on the Google Play marketplace or Apple’s iOS platform.

One of the most insidious scams is the deceptive ‘Android loan app’ which masquerades as a legitimate personal loan service provider, promising you quick and easy access to funds. This is most prevalent during and after the Christmas period. It’s designed to defraud you and gain your personal and financial information.

Despite the challenges posed by these fraudulent apps there are effective steps you can employ to safeguard yourself. Stick to official app sources, educate yourself by reading negative app reviews, as positive reviews may have been coerced from previous victims and most importantly use a reputable security app.

If you have fallen victim to a fraudulent app report the incident to the Garda Fraud Squad and your bank. If the app was accessed through Google Play, you can seek help from their support teams by reporting the app and requesting the removal of the data.

T: 086 8362622

Previous The Ten Commandments for us seniors