SlideShare a Scribd company logo

Protecting Yourself Against Mobile Phishing

Alliance Data card services - Know More Sell More
Alliance Data card services - Know More Sell More
Technology
1 of 10
Download to read offline
A DIGITAL LIFE E-GUIDE Protecting Yourself AgainstMobilePhishing
More and more people are enjoying online activities via mobile devices. A comScore research1 says that 4 of 5 US users shop online via smartphone. They also found out that 52% of users browse websites2 on their gadgets, while 39% visit social networking sites or blogs. You should be able to enjoy these activities safely, without worrying about threats like mobile phishing. This is easy to do, as long as you understand what it is and how you can protect yourself from it. Mobile phishing is simply phishing done via a mobile device, like your smartphone or tablet. Phishing is when cybercriminals solicit your personal information—like usernames and passwords—by spoofing the email or websites of legitimate entities. If you use your gadget for activities that require you to log in to a page, such as online banking, shopping, and social networking, then you’re at risk to this threat. What makes mobile phishing different from its desktop version is that it takes advantage of the limitations of the mobile platform in order to steal your information. Some of these limitations include: • Small screen size – This limits your device’s ability to display everything3 on a mobile browser. Cybercriminals can use this to conceal telltale elements on their phishing pages. • Default browsers – Certain devices prevent you from using more secure browsers. They have pre-installed default browsers that automatically open any clicked link. • Simple UI (User Interface) design – Mobile device UIs are designed for a quick and streamlined user experience, so some security measures are skipped. This puts you at risk. A Georgia Tech University study4 shows that most mobile browsers forgo displaying graphical icons that indicate a website’s legitimacy and connection security. These limitations aren’t necessarily harmful. But they are also not very helpful in securing you against mobile phishing. 1 http://www.comscore.com/Insights/Press_Releases/2012/9/Retailers_Carving_Out_Space_in_the_M-Commerce_ Market 2 http://www.comscore.com/Insights/Press_Releases/2013/1/comScore_Reports_November_2012_U.S._Mobile_Sub- scriber_Market_Share 3 http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-browser-security-problem-exists-between- device-and-chair/ 4 http://www.gatech.edu/research/news/mobile-browsers-fail-georgia-tech-safety-test
What They Don’t Want You to See Mobile phishing pages hide malicious routines that enable cybercriminals to steal your personal information. Cybercriminals see your data as assets they can either sell or use to carry out other schemes. Here’s what cybercriminals are after: • Your financial accounts – Cybercriminals are known to break into bank accounts and siphon money off of them. • Your social networking accounts – Cybercriminals can hijack your social networking accounts in order to spread scams and malware to others in your contact list. They can also mine your contacts’ accounts for more personal information. • Your online shopping accounts – Cybercriminals can use your own online shopping account to buy themselves very expensive gifts, especially if your card is already tied to the account. • Your identity and reputation – Cybercriminals can use your profile, name, or image to pose as you to your coworkers, family, or friends in order to scam them. They may also use your personal information in an attempt to damage your or someone else’s reputation.
Proceed with Caution Every time you browse the Internet, be aware of the signs of mobile phishing. 1. Altered URLs: Cybercriminals take advantage of a mobile device’s small screen. The address bar’s size can hide the difference between a phishing page URL from a legitimate one. Below is a side-by-side comparison showing the difference in the URLs. Notice that the legitimate URL uses HTTPS, a secure protocol, while the phishing URL does not. The fake PayPal URL also has additional text in the address. 2. Fishy graphics and typographical errors: Looking at the example above, the phishing site also sports an unfamiliar new logo and altered text. If you’re not keen enough to know what the legitimate page looks like, chances are, you might get tricked. Figure 1. Fake Paypal URL and page (left) vs. legitimate URL and site (right)
Considering the shift towards using mobile devices in this “post-PC” era, mobile phishing isn’t only real, it’s also inevitable. Here are ways to protect yourself against it. • Use official apps. If your online banking or shopping website has an app, use that instead of your mobile browser. But make sure to download these apps only from their official sources. This cuts out the middleman and makes the transaction strictly between you and your website. This denies cybercriminals the opportunity to phish for your information. • Avoid clicking links or opening attachments in emails from suspicious senders. Always verify the emails you receive before taking any action. The links and files within them can be malicious. • Double check the webpage and its URL. If you’ve already landed on a phishing page, be vigilant. Consider how you got there and inspect the details. Did you click on a link you got from an email? There are legitimate emails that ask you to do this—email verification for example—but this is how phishing mails usually operate. Tap your online browser’s address bar to fully display its contents. Scan for typographical errors or additional characters. Cybercriminals take over domains, banking on users making errors while typing or not noticing changes in the URL. • Bookmark websites you frequent. If you must use your smartphone’s mobile browser, bookmark the sites you use frequently. This lessens your chances of landing on a phishing website due to spelling mistakes. • Get a mobile security solution. Trend Micro™ Mobile Security keeps your mobile device and mobile data safe by identifying and blocking not only phishing threats, but also other web threats like malicious or high-risk URL and apps. What You Can Do
©2013 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. TRENDLABS TrendLabs is a multinational research, development, and support center with an extensive regional presence committed to 24 x 7 threat surveillance, attack prevention, and timely and seamless solutions delivery. With more than 1,000 threat experts and support engineers deployed round-the-clock in labs located around the globe, TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe; deliver real-time data to detect, to preempt, and to eliminate threats; research on and analyze technologies to combat new threats; respond in real time to targeted threats; and help customers worldwide minimize damage, reduce costs, and ensure business continuity. TREND MICRO Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge— from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Recommended

Blue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportBlue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportContent Rules, Inc.
 
Top Cyber Threats of 2009
Top Cyber Threats of 2009Top Cyber Threats of 2009
Top Cyber Threats of 2009Symantec
 
Symantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hackingMd. Mehadi Hassan Bappy
 
Avoiding Bad URL's In the Mobile Web
Avoiding Bad URL's In the Mobile WebAvoiding Bad URL's In the Mobile Web
Avoiding Bad URL's In the Mobile WebAlliance Data card services - Know More Sell More
 
Facebook
FacebookFacebook
FacebookPuni Hariaratnam
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeKushal Mondal
 

Recommended

Blue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportBlue Coat 2013 Systems Mobile Malware Report
Blue Coat 2013 Systems Mobile Malware ReportContent Rules, Inc.
 
Top Cyber Threats of 2009
Top Cyber Threats of 2009Top Cyber Threats of 2009
Top Cyber Threats of 2009Symantec
 
Symantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hackingMd. Mehadi Hassan Bappy
 
Avoiding Bad URL's In the Mobile Web
Avoiding Bad URL's In the Mobile WebAvoiding Bad URL's In the Mobile Web
Avoiding Bad URL's In the Mobile WebAlliance Data card services - Know More Sell More
 
Facebook
FacebookFacebook
FacebookPuni Hariaratnam
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeKushal Mondal
 
Cyber Security Motivation
Cyber Security MotivationCyber Security Motivation
Cyber Security MotivationSuman Thapaliya
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till nowelakkiya poongunran
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger Abhishek Hirapara
 
Smartphone 7 aug14
Smartphone 7 aug14Smartphone 7 aug14
Smartphone 7 aug14Naval OPSEC
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyPreeti Papneja
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018Ronak Jain
 
Social Networking Threats
Social Networking ThreatsSocial Networking Threats
Social Networking Threatsejhilbert
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyharpinderkaur123
 
Phishing
PhishingPhishing
PhishingEsraa Yaseen
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Social Media & Crime
Social Media & CrimeSocial Media & Crime
Social Media & CrimeInstant Checkmate
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 
Phishing
PhishingPhishing
PhishingSyeda Javeria
 
Year of the AppSec Breach_Forrester
Year of the AppSec Breach_ForresterYear of the AppSec Breach_Forrester
Year of the AppSec Breach_ForresterJessica Lavery Pozerski
 
What Are My Risks
What Are My RisksWhat Are My Risks
What Are My Risksrothl
 
Data breach
Data breachData breach
Data breachsrushtikadu1
 
Digital privacy
Digital privacyDigital privacy
Digital privacyAnna Adel
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdfCRO Cyber Rights Organization
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?VISTA InfoSec
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9seadeloitte
 

More Related Content

What's hot

Cyber Security Motivation
Cyber Security MotivationCyber Security Motivation
Cyber Security MotivationSuman Thapaliya
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger Abhishek Hirapara
 
Smartphone 7 aug14
Smartphone 7 aug14Smartphone 7 aug14
Smartphone 7 aug14Naval OPSEC
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018Ronak Jain
 
Social Networking Threats
Social Networking ThreatsSocial Networking Threats
Social Networking Threatsejhilbert
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 
What Are My Risks
What Are My RisksWhat Are My Risks
What Are My Risksrothl
 
Digital privacy
Digital privacyDigital privacy
Digital privacyAnna Adel
 

What's hot (19)

Cyber Security Motivation
Cyber Security MotivationCyber Security Motivation
Cyber Security Motivation
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
 
Smartphone 7 aug14
Smartphone 7 aug14Smartphone 7 aug14
Smartphone 7 aug14
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018Five cyber threats to be careful in 2018
Five cyber threats to be careful in 2018
 
Social Networking Threats
Social Networking ThreatsSocial Networking Threats
Social Networking Threats
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing
PhishingPhishing
Phishing
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
 
Social Media & Crime
Social Media & CrimeSocial Media & Crime
Social Media & Crime
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013
 
Phishing
PhishingPhishing
Phishing
 
Year of the AppSec Breach_Forrester
Year of the AppSec Breach_ForresterYear of the AppSec Breach_Forrester
Year of the AppSec Breach_Forrester
 
What Are My Risks
What Are My RisksWhat Are My Risks
What Are My Risks
 
Data breach
Data breachData breach
Data breach
 
Digital privacy
Digital privacyDigital privacy
Digital privacy
 

Similar to Protecting Yourself Against Mobile Phishing

Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?VISTA InfoSec
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9seadeloitte
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In DangerCopper Mobile, Inc.
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of CybercrimeRubi Orbeta
 
E-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-CommerceE-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-Commerceabe8512000
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptxRajviNikeetaRathore
 
Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things The Center for Identity
 
computer and security
computer and security computer and security
computer and security Sumama Shakir
 
proofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperproofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperKen Spencer Brown
 
Mobile banking issues in banking and insurance
Mobile banking issues in banking and insuranceMobile banking issues in banking and insurance
Mobile banking issues in banking and insuranceKumarrebal
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionEMC
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
negative implications of IT
negative implications of ITnegative implications of IT
negative implications of ITMahdiRahmani15
 
Top Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on CybersecurityTop Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on CybersecurityPixel Crayons
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingmentAswani34
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015anpapathanasiou
 

Similar to Protecting Yourself Against Mobile Phishing (20)

Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger
 
Smartphone Security Article
Smartphone Security ArticleSmartphone Security Article
Smartphone Security Article
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of Cybercrime
 
E-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-CommerceE-Commerce Security Workable Attacks Againest E-Commerce
E-Commerce Security Workable Attacks Againest E-Commerce
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptx
 
Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things Center for Identity Webcast: The Internet of Things
Center for Identity Webcast: The Internet of Things
 
computer and security
computer and security computer and security
computer and security
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
proofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperproofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paper
 
Mobile banking issues in banking and insurance
Mobile banking issues in banking and insuranceMobile banking issues in banking and insurance
Mobile banking issues in banking and insurance
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
W verb68
W verb68W verb68
W verb68
 
negative implications of IT
negative implications of ITnegative implications of IT
negative implications of IT
 
Top Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on CybersecurityTop Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on Cybersecurity
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingment
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
 

Recently uploaded

TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024Stephen Perrenod
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxFIDO Alliance
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxFIDO Alliance
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfFIDO Alliance
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGDSC PJATK
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingScyllaDB
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...ScyllaDB
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsLeah Henrickson
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Hiroshi SHIBATA
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...ScyllaDB
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxFIDO Alliance
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfFIDO Alliance
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessUXDXConf
 
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jNeo4j
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 

Recently uploaded (20)

TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4j
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 

Protecting Yourself Against Mobile Phishing

  • 1. A DIGITAL LIFE E-GUIDE Protecting Yourself AgainstMobilePhishing
  • 2.
  • 3. More and more people are enjoying online activities via mobile devices. A comScore research1 says that 4 of 5 US users shop online via smartphone. They also found out that 52% of users browse websites2 on their gadgets, while 39% visit social networking sites or blogs. You should be able to enjoy these activities safely, without worrying about threats like mobile phishing. This is easy to do, as long as you understand what it is and how you can protect yourself from it. Mobile phishing is simply phishing done via a mobile device, like your smartphone or tablet. Phishing is when cybercriminals solicit your personal information—like usernames and passwords—by spoofing the email or websites of legitimate entities. If you use your gadget for activities that require you to log in to a page, such as online banking, shopping, and social networking, then you’re at risk to this threat. What makes mobile phishing different from its desktop version is that it takes advantage of the limitations of the mobile platform in order to steal your information. Some of these limitations include: • Small screen size – This limits your device’s ability to display everything3 on a mobile browser. Cybercriminals can use this to conceal telltale elements on their phishing pages. • Default browsers – Certain devices prevent you from using more secure browsers. They have pre-installed default browsers that automatically open any clicked link. • Simple UI (User Interface) design – Mobile device UIs are designed for a quick and streamlined user experience, so some security measures are skipped. This puts you at risk. A Georgia Tech University study4 shows that most mobile browsers forgo displaying graphical icons that indicate a website’s legitimacy and connection security. These limitations aren’t necessarily harmful. But they are also not very helpful in securing you against mobile phishing. 1 http://www.comscore.com/Insights/Press_Releases/2012/9/Retailers_Carving_Out_Space_in_the_M-Commerce_ Market 2 http://www.comscore.com/Insights/Press_Releases/2013/1/comScore_Reports_November_2012_U.S._Mobile_Sub- scriber_Market_Share 3 http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-browser-security-problem-exists-between- device-and-chair/ 4 http://www.gatech.edu/research/news/mobile-browsers-fail-georgia-tech-safety-test
  • 4. What They Don’t Want You to See Mobile phishing pages hide malicious routines that enable cybercriminals to steal your personal information. Cybercriminals see your data as assets they can either sell or use to carry out other schemes. Here’s what cybercriminals are after: • Your financial accounts – Cybercriminals are known to break into bank accounts and siphon money off of them. • Your social networking accounts – Cybercriminals can hijack your social networking accounts in order to spread scams and malware to others in your contact list. They can also mine your contacts’ accounts for more personal information. • Your online shopping accounts – Cybercriminals can use your own online shopping account to buy themselves very expensive gifts, especially if your card is already tied to the account. • Your identity and reputation – Cybercriminals can use your profile, name, or image to pose as you to your coworkers, family, or friends in order to scam them. They may also use your personal information in an attempt to damage your or someone else’s reputation.
  • 5.
  • 6.
  • 7. Proceed with Caution Every time you browse the Internet, be aware of the signs of mobile phishing. 1. Altered URLs: Cybercriminals take advantage of a mobile device’s small screen. The address bar’s size can hide the difference between a phishing page URL from a legitimate one. Below is a side-by-side comparison showing the difference in the URLs. Notice that the legitimate URL uses HTTPS, a secure protocol, while the phishing URL does not. The fake PayPal URL also has additional text in the address. 2. Fishy graphics and typographical errors: Looking at the example above, the phishing site also sports an unfamiliar new logo and altered text. If you’re not keen enough to know what the legitimate page looks like, chances are, you might get tricked. Figure 1. Fake Paypal URL and page (left) vs. legitimate URL and site (right)
  • 8. Considering the shift towards using mobile devices in this “post-PC” era, mobile phishing isn’t only real, it’s also inevitable. Here are ways to protect yourself against it. • Use official apps. If your online banking or shopping website has an app, use that instead of your mobile browser. But make sure to download these apps only from their official sources. This cuts out the middleman and makes the transaction strictly between you and your website. This denies cybercriminals the opportunity to phish for your information. • Avoid clicking links or opening attachments in emails from suspicious senders. Always verify the emails you receive before taking any action. The links and files within them can be malicious. • Double check the webpage and its URL. If you’ve already landed on a phishing page, be vigilant. Consider how you got there and inspect the details. Did you click on a link you got from an email? There are legitimate emails that ask you to do this—email verification for example—but this is how phishing mails usually operate. Tap your online browser’s address bar to fully display its contents. Scan for typographical errors or additional characters. Cybercriminals take over domains, banking on users making errors while typing or not noticing changes in the URL. • Bookmark websites you frequent. If you must use your smartphone’s mobile browser, bookmark the sites you use frequently. This lessens your chances of landing on a phishing website due to spelling mistakes. • Get a mobile security solution. Trend Micro™ Mobile Security keeps your mobile device and mobile data safe by identifying and blocking not only phishing threats, but also other web threats like malicious or high-risk URL and apps. What You Can Do
  • 9.
  • 10. ©2013 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. TRENDLABS TrendLabs is a multinational research, development, and support center with an extensive regional presence committed to 24 x 7 threat surveillance, attack prevention, and timely and seamless solutions delivery. With more than 1,000 threat experts and support engineers deployed round-the-clock in labs located around the globe, TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe; deliver real-time data to detect, to preempt, and to eliminate threats; research on and analyze technologies to combat new threats; respond in real time to targeted threats; and help customers worldwide minimize damage, reduce costs, and ensure business continuity. TREND MICRO Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge— from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.