If there is one thing that has become glaringly obvious over the course of this past year, it’s that the little things—our technologically connected conveniences—are more vulnerable than ever. The findings of the McAfee Labs™ Threats Report: Fourth Quarter 2013, compiled by our global research team, McAfee Labs, echoes that sentiment. As mobile devices become more and more pervasive, they’ve drawn the attention of hackers and cybercriminals the world over. Point-of-sale systems (especially those belonging to large retailers) also took a particularly hard hit in 2013. For a closer look at the McAfee Labs’ findings from Q4 2013, read on.
Mobile malware is up 197% from 2012
The most immediate threat to consumers is the rapid growth of new mobile malware. Mobile malware first exploded onto the scene in Q4 2012, and it’s been a steady source for concern ever since—increasing in size and scope with each new quarter. In 2013, we reported 2.47 million mobile malware samples with 744,000 reported in this last quarter alone. Our collection of mobile malware currently sits at 3.73 million samples.
Worryingly, exposure to mobile malware is also growing. Mobile malware can now spread through nearly every point you can imagine—including mobile apps, malicious websites, spam, and malware-laden ads (QR codes included).
The most common aim of mobile malware is to collect and send location data, based on where you connect to the Internet, cell phone towers, or global positioning systems (GPS). Malware that abuses this type of information typically does so to build a user profile. This can be dangerous for a variety of reasons: from identity theft to blackmail, and even the intent to target travelers abroad for kidnapping or theft. Mobile malware can also collect user data such as passwords and contact information.
To avoid mobile malware, follow these steps:
- Download from official sources only: The Apple App store and Google Play store aren’t immune to hosting malicious apps, but such apps are far less likely to be found there. Plus, both Google and Apple have protocols in place to help find and eliminate any suspicious programs. Third party app stores are more likely to host malicious content that will steal your data and your financial information. Sticking to the main app stores is your safest bet.
- Be aware of how your apps use data: Monitoring app data usage should be a common practice and is fairly easy to do on both iOS and Android devices.
- Check application permissions: Mobile users are asked if they want to grant an app access to their location or address book. Often, this isn’t an issue, but there are times when a malicious app will grant itself more permission than needed to gain access to additional data on your phone. If you find that an app has access to something you didn’t approve, it’s a good sign that it might have been created for a more malicious purpose.
- Download the free McAfee® Mobile Security app. We recently made our mobile security free for both Android and iOS users. Download it now to protect your data and devices from malicious apps.
Point-of-sale attacks are the new black
In 2013, Target, Neiman Marcus, White Lodging, Harbor Freight Tools, Easton-Bell Sports, Michaels Stores, and ‘wichcraft were all victims in attacks on their point-of-sale (POS) systems. I’ve written previously on the Target point-of-sale attack, but McAfee Labs researchers went even further to discover what’s being done with the millions of credit cards stolen in the breach. Surprise, surprise—they’re being sold online. McAfee Labs discovered that cybercriminals are dumping these card numbers online in batches of 1-to-3 million at a time, and other criminals are snatching them up in return for Bitcoin and other less monitored virtual currencies.
With point-of-sale attacks on the rise, how can you protect your identity and your bank account?
- Use one credit card for all shopping—both online and off. Having a dedicated credit card for all of your shopping will make it easier to cancel should one of the stores you shop at be attacked by cybercriminals. One-time use credit cards are also a good idea, especially for online shopping transactions.
- Check and monitor your statements. There’s no doubt about it—point-of-sale attacks are on the rise. To ensure that you’re not a victim, go through your transaction history with a fine-tooth comb on a weekly or monthly basis.
- Contact your bank if you notice suspicious activity. In the event that you do see odd charges on your credit or debit card statement, contact your bank immediately. They will be able to provide you with a list of next steps and cancel your card if necessary.
Ransomware & suspicious URLs are on the rise
McAfee Labs researchers have also discovered that ransomware and suspicious URLs are on the rise—again. Ransomware is a type of malicious software designed to hold your data or device hostage on your until a sum of money is paid. The volume of new ransomware samples doubled from Q4 2012 to Q4 2013, with McAfee Labs adding 1 million new samples last year. Similarly, the number of suspicious URLs increased by 40% in 2013 – with 13 million new suspicious URLs being reported in Q4 alone.
How can you protect yourself against ransomware and suspicious URLs? Simple.
- Install comprehensive security software. McAfee LiveSafe™ service will protect your data and all your devices from ransomware, suspicious URLs, viruses, and more. Install it today and browse the web with confidence.
While the McAfee Labs quarterly threats reports help provide a summation of the biggest and baddest online security trends, we like to keep our customers current on a day-to-day basis as well. For the latest in consumer security news, be sure to follow @McAfeeConsumer on Twitter and Like us on Facebook.