Berlin, July 10, 2013 - Android is by far the most popular operating system for mobile devices such as smartphones or tablet PCs. But that status also means opportunities for cyber criminals: in 2012 alone, the amount of malware specifically targeting Android users jumped from 17,000 to more than 214,000 samples each month. And malware is no longer being smuggled into the system via app downloads only; mobile e-mail use also offers an easy target. One particularly popular trend is to send links via hacked e-mail accounts leading to seemingly secure mobile Web sites. These sites, though, automatically forward users to subpages that use invisible iframes to scan the precise version of the operating system being used, introduce updates, and enable long-term access to sensitive user data (these are so called multifunction Trojans).
The Eleven Research Team offers its six most basic tips for protecting users from such attacks:
1. Pay attention when downloading apps
App downloads continue to present one of the greatest risks for smartphone users. Despite countless precautionary measures, cyber criminals are able to plant dangerous and manipulated apps into the incalculable quantity of available apps time and again. Be sure to only download apps from official stores (Google Play for Android users) and from providers you know and trust whenever possible.
2. Install virus protection
Install an antivirus app! When making your choice, stick with well-known providers, such as those that also offer security solutions for computers. Be aware of the large number of fake security apps. Android malware is even often disguised as an antivirus app, as in the case of the recently discovered fake antivirus software called Android Fakedefender.
3. Keep apps up to date
Regularly updating apps is especially important to ensure protection against the latest threats. Many malware and virus attacks target well-known weak spots that are only fixed through updates. For that reason, make sure to always keep apps up to date.
4. Connect securely
One thing cyber criminals find particularly attractive is a key feature of mobile devices: a permanent Wi-Fi or mobile network connection. First, it makes the device perpetually available to hacking and other attacks; second, a bot infection makes it possible for spam and malware e-mails to be sent 24?7. A secure network connection is thus especially important - particularly for publicly accessible services, such as free Wi-Fi, which are particularly risky. Ensure that your cell phone's wireless interfaces are not on all the time and deactivate the Wi-Fi, Bluetooth, and infrared mode when not in use.
5. Use caution when banking online
Due to the sensitive data involved, it is extremely important to be careful when using online banking services. This is why many banks offer a two-tier security system in which authentication takes place via the browser and cell phone. The underlying idea behind the security concept is that it is unlikely that cyber criminals would be able to access your computer and cell phone at the same time. Keeping this fact in mind, be sure to never use the same device for both authentication processes.
6. Think carefully before clicking on email links
Email remains a significant method for trapping users and causing them to click on dangerous links. The problem is more severe on mobile devices where it is difficult to "mouse over" links to see if they are genuine. Cybercriminals use proven social engineering to make emails and even destination pages appear very genuine. When receiving an email (even from a friend), ask yourself whether the email was expected, and whether it seems genuine.
Eleven on Twitter: http://www.twitter.com/elevensecurity
Eleven - Integrated Message Security
Leading German e-mail security provider Eleven is a pioneer in the field of managed e-mail security and offers products and services for protecting e-mail infrastructures for companies, ISPs, and public institutions. The company, founded in 2001 and headquartered in Berlin, specializes in cloud-based managed e-mail security. In addition, Eleven also offers in-house software and white-label solutions as well as SDKs for OEM partners.
Eleven examines and filters over one billion e-mails every day. Globally, Eleven solutions protect over 45,000 companies. Eleven customers include Internet service providers such as 1&1, T-Online, Freenet, and O2 as well as renowned corporations and organizations such as Air Berlin, BMW, the Federal Association of German Banks, DATEV, the Free University Berlin, Porsche, RTL Television, SAP, and ThyssenKrupp. Eleven is part of the globally active Internet security provider Commtouch® (NASDAQ: CTCH). For more information, visit our website at: http://www.eleven.de.