Posts Tagged Mobile Security

Comprehensive Guide To Mobile Data Security

PDF Version: Comprehensive-Guide-To-Mobile-Data-Security

, , , ,

No Comments

App Access: Threat To Privacy

PDF Version:  App-Access-Threat-To-Privacy

, , , ,

No Comments

What Is Vishing & How To Avoid It

Vishing is the term used for voice or VoIP (voice over IP) phishing. It is a social engineering attack that is launched with a primary goal to extract user’s confidential information and is usually done using an automated dialing and voice synthesizing equipment.

Vishing works just like any other phishing scam. The imposter generally pretends as someone from the bank or as a government representative seeking information. Sometimes, the fraudster may even use voice to text synthesizers or recorded messages to masquerade himself. The attack is launched with an intention to gain access to a person’s PIN number, credit card details, passwords, social security number etc. In most cases, the scammer is successful in making the victim part with their credentials.

When a vishing attack is launched, either of these things happen 

  • A person will receive a call. On answering that call, an automated voice system will ask the victim for their personal information.
  • Sometimes, a fraudster will call the victim and inform that they should call their bank to avail some offer or to provide certain information. The victim then hangs up the phone to dial bank’s number but fraudster doesn’t and keeps the lines open. Victim hears a spoofed dialing tone and some other scammer answers the phone call. They impersonate their identity as bank official to steal the required information.

How Do They Obtain Your Number?

There are several possibilities by which the fraudsters obtain your number. Some of which are

  • Using stolen phone information
  • Auto – generated numbers
  • Numbers and details compromised in a previous data breach

Techniques Used By Them

  • Impersonate As Genuine Callers – There is high probability that these scammers already have your personal information and address you as genuine people over the phone.
  • Holding The line – Sometimes, cyber criminals hold your call. They then direct your call to another scammer when you call them back.
  • Sense Of Urgency – The most common approach is to incite fear in the mind of a person. The caller makes the victim believe that their money is in danger. He/she then acts hastily without thinking much and commits the mistake of sharing their confidential information with the fraudster.
  • Phone Spoofing – The number from which the call comes seems to be genuine and so you believe what the caller says, often ending up in sharing your login credentials or passwords.

How To Avoid Them

  • Never Share Your Personal Information Over The Phone – If you pick a call that seems to be from a legitimate caller, never share your personal information over the phone in the first place. No bank or government institution will ask you to provide your credentials over the phone. In case they do, then ask the caller’s name and tell them that you would call them back after some time. Search for the bank’s official number and inquire from them about the call.If you sense something suspicious then there are chances that the call was a vishing attack launched at you.
  • Use A Caller ID App – There are numerous apps such as Truecaller that allow you to know the callers identity. It has billions of spam numbers locked in their database and if you come across such a number then you can also add it to their spam database.

For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Most Common Mobile Threats

Mobile phones have become a part and parcel of our lives. As per Statista, by 2020 there would be 9,038 million mobile phone users globally. With their increasing use, another important issue that comes into picture is the mobile security. Here we have listed some common mobile threats you must be aware of –

Data Leakage – Fraudulent apps seeking personal information can lead to data leakage and are a serious threat to mobile security. Mobile users need to be extra careful while granting permissions to various apps to gain access to gallery, notes and other folders. If a certain app requires you to fill in more information than what is generally required then it is best to avoid it.

Spyware – Your private information remains private no more. Spyware is a type of malware that collects information about the websites you visit, whereabouts and sometimes even your personal information. The collected data is then sent it to a third party without your consent or knowledge.

Viruses & Trojans – Viruses often masquerade themselves and come along with a program that seems legitimate. They can then hijack your personal information as well as sensitive login credentials or send unauthorized premium rate texts. Viruses can also enter your mobile when an app containing malware is installed on your phone.

IoT Threats – Almost all the devices are now connected with our smartphones. If a hacker gains access to your mobile phone then chances are that they can hack information available on other connected devices as well.

Network Spoofing – This often happens when you browse the internet using unknown Wi- Fi networks. Cyber criminals spoof the access points and then hack your emails, contact information etc. to use it for their benefit.

Out–Of-Date Software – There are higher chance of falling prey to a malware attack when your mobile phone runs on an outdated software that hasn’t been updated. Out-of-date software don’t have appropriate security patches often resulting in your pivotal information getting hacked.

Tips To Avoid Mobile Threats

  • Update your mobile system regularly.
  • Don’t set up easy passwords if you browse sites that contain sensitive login credentials.
  • Install a good mobile anti-virus software.
  • Download the apps from App store only.
  • Try to avoid using unknown Wi-Fi networks.
  • Read the end user agreement before actually downloading an app.

For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

How To Improve Your Organization’s Mobile Security

29 August, 2016

Mobile security is becoming an important issue for the organizations to address. There is no denying the fact that mobile devices help to save time and increase employee efficiency to a great extent. However, the potential security risks posed by these devices cannot be overlooked. It is seen that most employees use the same mobile device for personal and official purposes. It means that connecting to an unsecure network or downloading a malicious app puts both type of data at risk.

Listed below are some tips to improve mobile security in an organization:

  • Use Strong Passwords: A lengthy and difficult password is the first line of defense against a potential data breach. Therefore, encourage your employees to keep their devices protected with a strong password. Besides the basic mobile security options like PIN numbers or patterns, they should opt for more sophisticated ones like fingerprint scanner, facial recognition, voice recognition etc.
  • Install Anti-Malware Software: Owing to the ignorance of users, hackers are constantly targeting mobile operating systems to initiate a malware attack. It is important that the devices used by your employees to connect to the corporate network have an anti-malware software installed. They should also regularly update the software to stay protected against the recent forms of malware.
  • Avoid Unsecured Wi-Fi: Many organizations today are allowing employees to work from remote locations, which increases the risk of your company’s important data being accessed and shared over public Wi-Fi connections. Make sure your employees are aware of the potential security risks and access corporate data through secure Wi-Fi networks only.
  • Encrypt Confidential Data: Encryption of sensitive information sent and received on mobile devices can go a long way in improving your company’s cyber security. Organizations can implement encryption policies according to the employee groups or the level of data confidentiality.
  • Choose Mobile Applications Carefully: You should limit or block the use of third party software on mobile devices being used for official communications. This can help to prevent the occurrence of a breach resulting from unintentional drive-by downloads or installation of applications having backdoors to transmit company’s information to the hackers. Employees should be allowed to install only reliable and a limited number of apps from a legitimate source.
  • Create Secured Mobile Gateways: You can consider directing mobile traffic through a special gateway with targeted security controls, such as firewalls, web content filtering and data loss prevention. This will restrict the employees from using the company’s internal network for personal communications, thereby preventing unwanted software downloads.

For more tips on improving your organization’s mobile security, you can contact Centex Technologies at (855) 375 – 9654.

,

No Comments