If you think it’s just your desktop computer that’s susceptible to spyware, think again. With the boom in smartphone usage over the past couple of years, and with people now conducting more commercial
transactions on their phone, smart phones are increasingly becoming a target of cyber thieves.
So, what exactly is mobile phone spyware?
Mobile phone spyware is a type of malware that records your personal information and tracks what
you do on your phone without your knowledge. While hackers used to target desktop computers in
the past, it’s more common these days for them to target mobile phones since people are spending
more time on their phones now compared with being in front of the computer. In 2017, 37.5%
of Malaysian smartphone users did their banking through their devices and this will have increased
Most smartphone users would tell you that they enter more valuable information about themselves
on their mobile phones than anywhere else! There’s so much personal information in our
smartphones because it’s accessible and we’re doing so much with it – from connecting and
engaging with people and brands, to paying bills and doing our banking. It doesn’t occur to us to
worry because we all think that mobile phones are invulnerable to virus attacks.
We don’t realise that spyware can be transferred to our phones as easily as downloading third party software and opening an infected file through your email.
Here’s how cyber criminals can breach our defences
Andrew Blaich, a researcher from mobile security company Lookout, and Eva Galperin, a cybersecurity
director from the Electronic Frontier Foundation, told attendees at the 2018 Kaspersky Security
Analyst Summit in Mexico about Dark Caracal, a sinister worldwide malware campaign that infected
thousands of mobile devices in over 20 countries.
The campaign was traced to a building in Beirut and operated by putting up an app that looked almost identical to the original. This ‘dupe’ fooled thousands of people into installing the app. Once it was in smartphones, the cyber criminals had access to all the valuable personal data in those devices.
While the App Store and Google Play Store can protect us from downloading an infected app the
masterminds behind Dark Caracal were able to prey on unsuspecting users because they imitated
trusted messaging apps like WhatsApp and Signal. They enticed users to download the apps from a
third party website called Secure Android by offering safer versions of the original.
Users were attracted because the Google Play store isn’t available in China for instance, where there are millions of active Android users.
So we’ve established that mobile phone spyware is a threat. How can we protect ourselves?
2. Never download an app from a website you don’t know
Users with smartphones and tablets running on Android 4.0 and above are able to install apps
outside of Google Play Store which allows for more freedom for the user but comes with its own set
of dangers (refer to the Dark Caracal incident). Don’t forget that cyber criminals can sometimes
create sites with URLs that look very similar to the original so be mindful of the URL before clicking
on it. If you want to be safe, the best move would be to download apps through the Google Play
Store. Reasons why this is not applicable to Apple users are in Item One.