Smartphones have managed to hold out against ransomware a bit longer than other hardware and operating systems, but those days are coming to an end. It’s important to remember that the average smartphone is not protected with antivirus software and thus remains threatened by your standard ransomware attacks. It is absolutely critical that your business doubles down on its protection against ransomware, especially in the mobile market.
Ransomware is defined as a malware that gives a hacker the ability to control a computer or network and hold it for a ransom. Users lose access to the controls and data that allows the system to function, and the only reprieve in most cases is to restore a backup of said data. Users have to decide whether they want to lose access to that data, restore the data from a backup, or pay the ransom in hopes that the hacker will honor their word and restore access.
Think about the number of smartphones which exist in the world today and the fact that most computing these days happens from mobile devices. With so much data to steal and devices to tap, it makes total sense for hackers to focus their efforts on mobile devices.
When it comes to malware dissemination, phishing attacks are hackers’ go-to methods of infection. When you think about how easy it is to slip up and click on the wrong link, you’ll realize that phishing is a very real threat to your organization and your data. Phishing can come in many different forms, too, adding to the stress. Will the hacker call you on the phone, send you an email, text you a link, contact you through social media, or even send you a physical mailer? It can be quite overwhelming.
Most mobile platforms remain remarkably secure even against the potent threat that is ransomware. Most scams resort to targeting the device’s cloud storage, locking it down, and demanding a ransom in the process. One particular iPhone scam uses the Find My Phone feature that allows the user to remotely lock the device. Scammers only wanted $100 to unlock the device, and with such a low asking price, people are of course going to pay up rather than go through the hassle of involving the authorities or other professionals. Hackers who gain access to an iOS account can even use the information to create new iCloud accounts and move all data into these new accounts until the ransom is paid.
Threats which target Android are similarly problematic, and they all start with phishing. The most dangerous one was called ScarePackage that targeted 900,000 Android smartphones over the course of 30 days. It was deployed through a fake app that could lock down the device and threaten that the FBI was the one responsible for doing so with the only solution being to pay a ransom. The FBI isn’t in the business of extortion, so this is a simple case of coercion and fear manipulation by hackers.
Let’s examine some things you need to know about mobile phishing schemes.
ATECH MSP knows how to combat the countless types of cyberthreats out there, phishing and ransomware included. We can use our knowledge to implement high-quality technology tools and to educate your team on how to make the best decisions possible with their technology. To learn more about what we can do for your business, call us today at 661-840-8707.