As iPhone 6S Launches, Time to Remember Some Mobile Security Basics

ios-threats_th

If you’ve been hiding on Mars for the past week, you might have missed that Apple has just launched its latest iPhone. Perhaps lacking some of the gee-whizz-bang features of previous major releases, the iPhone 6S and 6S Plus nevertheless contain enough to keep die-hard fans happy.

Smartphone design has come a long way in a short space of time. But when technology moves this fast, security often doesn’t have time to catch up.

And when there’s even the smallest gap to exploit, you can bet cybercriminals will sneak through to compromise the device.

A risky business

Given that the smartphone is effectively a mini-computer in your pocket, it’s susceptible to most of the major threats facing your Internet-connected PC at home. This includes:

  • Web-based attacks
  • Social media threats and Facebook privacy risks
  • Online banking attacks
  • Phishing, spam, and other email borne threats

Additionally, there are specific smartphone-based threats you’ll also want to protect yourself from. These include:

  • Device loss or theft
  • Insecure Wi-Fi as a vector for attacks, especially Man in the Middle
  • Malicious apps

Malicious apps are usually disguised as legitimate apps and are most commonly found in third party app stores. They can range from “dialerware” designed to steal money by secretly using premium services, to spyware, ransomware, and information-stealing malware.

The volume of Android malware spiked from 4.26 million at the end of last year to a whopping 7.1 million in the first half of 2015. While Google has gotten much better of late at vetting new apps as they’re uploaded to the official Play Store, Apple has always tightly controlled approvals for official iOS apps. This doesn’t mean there are no threats to Apple devices.

Earlier this year, Trend Micro analysed the state-sponsored Operation Pawn Storm campaign and uncovered two pieces of iOS spyware related to the info-stealing SEDNIT malware. One, XAgent, downloaded by clicking on a malicious link and was effective even on non-jail-broken devices. The risks are even greater, of course, if you decide to jailbreak your handset. A major, recently-discovered threat is called KeyRaider.  It’s malware that has stolen more than 225,000 valid Apple accounts and thousands of certificates, private keys, and purchasing receipts.

Advice

Here are a few mobile security tips for keeping your current or shiny new iPhone 6s safe:

  • Ensure your device has remote lock and wipe capabilities
  • Use passwords for all your devices
  • Avoid using public Wi-Fi hotspots
  • Ensure devices are protected with mobile security software that:
  1. Blocks fraudulent websites
  2. Protects your privacy on Facebook and Twitter
  3. Allows you to back up and transfer your contacts
  4. Locates a missing device
  5. Monitors monthly/daily data usage


from Trend Micro Simply Security http://ift.tt/1Y3lPg7
via IFTTT