Protect your card details from smartphone malware

By Michael Lloyd

Hackers looking to steal consumers' personal information or banking details are increasingly turning their attention to smartphones. In fact, police and security experts recently told Sky News the devices will be the No. 1 target of cybercriminals within five years.

Many people know that failing to install up-to-date virus protection or engaging in risky behaviour online on their desktop or laptop will boost their chances of being hacked. However, many do not apply the same caution when it comes to their handsets.

"While we've developed a culture for protecting data on traditional computers with security software and various other tools, when it comes to [smartphones] we're still somewhat ignorant to the dangers of clicking on a link in a text message or email, as we're under the false impression that nothing can happen," Liviu Arsene, senior e-threat analyst at internet security software company Bitdefender, said in an emailed response to questions.secure-smartphone

Devices face increasing threat
Reports of new smartphone malware are popping up all over the place, such as the "WhatsApp Gold" scam, which targeted users of the popular WhatsApp app. Users received messages urging them to sign up for a premium version of the app with extra features and options. Likewise, bogus text messages claiming to be from Apple iTunes were sent to iPhone users. The messages contained a malicious link and urged users to click it to validate their iTunes accounts.

Even charging your handset through an infected computer could put the information on your phone at risk, according to a May 2016 report from software security firm Kaspersky Lab.

With the increasing popularity of mobile payment and banking platforms, it's hardly surprising that smartphones are becoming hackers' target of choice. "In some instances, it's significantly easier to compromise [smartphones] rather than infecting a computer, and the end result could potentially be the same: access to your financial information."

Risky behaviours to avoid
Constant vigilance is required if you want to avoid your device becoming infected with malware. Here are just some of the behaviours that could make you an easy target:

  • Failing to install a reputable anti-virus program on your handset. You can download a suitable protection package from your operating system manufacturer's app store.
  • Downloading applications from unknown sources or third-party marketplaces. You should only install apps from your OS maker's app store. Even then, take the time to check out the background of the developer of any programs you want to download. Rogue apps can sometimes slip through app stores' quality assurance processes.
  • Tapping on bogus ads embedded in web pages. The best way to avoid being tricked by fake banners is to simply not tap them in the first place, but if you're in the habit of checking out smartphone ads, look out for dodgy design or poor spelling and grammar as possible signs that things aren't right.
  • Following links in scam text messages. Hackers send out thousands of dodgy SMS messages purporting to be from companies many people have a relationship with, such as Microsoft or Apple, in the hope that a handful will take the bait. Firms such as these will never text you to request a password reset or something similar. Again, poor spelling and grammar can be a giveaway here. If you suspect you've received a dodgy text message, don't follow any links and delete it immediately.
  • Charging your phone through an unknown computer. If your battery's running low and you're desperate for a quick power top-up, it can be tempting to plug into the nearest computer if you don't have a wall adapter for your USB cable. Doing so can result in your device becoming infected.
  • Opening unknown attachments or links in emails. Whether you're on your computer or phone, opening an unknown message can result in your device becoming compromised. You could also expose yourself by visiting rogue websites. While your virus protection should pick these up, you can keep yourself safe by not visiting them in the first place. Adult websites pose a particular threat.

If you're still a little blasé about the safety of the data on your smartphone, bear in mind that some banks and credit card issuers may refuse to refund any money you lose as a result of a malware infection if you behaved negligently. Metropolitan Police Commissioner Bernard Hogan-Howe even stated in a Telegraph article that victims of online fraud who do not take steps to protect themselves should not be refunded as a matter of course. With this in mind, it's important to realise that failing to recognise the threat posed by smartphone viruses could leave you seriously out of pocket. 

See related: Protect yourself from phishing and smishing, 10 tech-savvy ways to protect yourself from online fraud, Protect yourself from fraud while shopping online

Published: 2 June 2016