Categories
Apps Internet Security Mobile Phones

Four Ways to Infect Your Android Devices with Malware.

Add Your Heading Text Here

Share it:

Although we often blame exploit writers for developing malicious code for malicious purposes such as reading of one’s credentials, spying on a users’ communication and so on, we ought to blame ourselves periodically for allowing our android devices to be pregnant with malware.

This article briefly exposes four ways  how users/employees unknowingly infect their android devices with malware.

  • Sideloading apps:

Sideloading is a term referring to an android user intention to download apps from third-party stores instead of  ”pulling” it from Google’s playstore. Most of these third-party store apps are infected with malware because there is no proper protection  for apps installed on these stores. Thus, we recommend you download apps from Google’s playstore.

  •  Installing apps with numerous permissions:

Most users/employees often fail too observe the list of permissions an app requires in order to function on android devices. Before an android app is installed on your android device, it declares a list of permissions that a user must accept if he/she is interested in the app. Malware take interest in loosely protected apps to retrieve users’ data back to a remote server.

  •      Confirming to flashy updates from random websites:

“something-xxx antivirus is outdated. please download the current version” from  xyz.com .   We often see flashy updates on our mobile screens in a form of ‘Toast’ messages informing us about software expiration. Yes! software expires. But we advise users to download software directly from software vendors’ website.

  •   Clicking links on online forums:

This is one of the easiest ways even script kiddies could use to embedded malware into apps installed on your android devices. If a link on a particular topics interest you, just copy the link and paste it in the url section. It is quite safer than clicking on the link directly.

Avoiding these user-behaviors could save your android devices from malware lurking in the cyber world.

#ISA_informs    #ISA_Ltd

Categories
Internet Security

Five Ways To Battle E-Mail Attacks

Add Your Heading Text Here

Share it:

StopLook, Think‘ is the principle we rely on when accessing mails of all sort from different sources. Indeed, we have benefited from this S-L-T principle. Hence, we want to show you how you can use this principle to battle email attacks targeted at your staff.

Stop & Read Mail Thoroughly: Usually, phishers who are in a haste to retrieve personal information via deceptive tend to make grammatical errors. A careful look and a thorough read could save you from being  deceived by a amateur phisher.  

Verify from the Company: Now after you have read the message, you can verify from the company informing them of a message in your inbox sent by them. It is plausible to do so just to be sure you are reading a message from a legitimate company or not.   

Observe again and again: U.S navy seals are noted for observing target for a longer period before moving on the target physically. You can employ this technique just to understand the concept of the message. For instance, you have received a message from a sender informing you of a prize you have won. In reality, you have not even applied for a competition. How much more win a prize!

Analyze links embedded in messages: You need to analyze links in messages sent into your inbox. Nowadays, phishers careful create links almost similar to that of a legitimate company.

For instance: www.support.klm.de  . Be mindful that this link is not a subdomain nor does it belong it klm. You can analyze links by hovering your mouse over or by observing the final destination of the link in the url bar.   

Think deeper enough: Finally,  think deeper enough about the link. Some phishers are quite clever they could create a similar link to do that of a legitimate company. Let’s analyze this two links:  www.isa.com.gh   ||    www.isa.com   Which one is the legitimate link of cybersecurity company in Ghana?   Thus, it is worth it when you think deeper before clicking on a link.

You can employ these techniques to ward off any email attacks or phishing against your employees or clients. Moreover, you can contact us  for practical user awareness training based on social engineering attacks and prevention.