Shopaholics: Beware of Risky Wi-Fi

By on

As the days grow shorter and twinkly lights pop up on houses lining the block, one thing is clear: the holidays are here! ‘Tis the season for family outings and gift exchanges, which means spending hours at the mall, searching for perfect presents for loved ones (or sometimes, ourselves!). Cybercriminals also love this time of year, but not for the parties and peppermint mochas.

Today, mall Wi-Fi is almost a guarantee, with much of the public depending on their mobile phone for everything from coupons to paying for items. With all of this connecting, the holidays are becoming an especially vulnerable time for shoppers. As hard as it is to resist logging on to a free network to avoid a day’s worth of data charges, it’s possible that the “free” network you’re logging onto isn’t so free after all. Hackers often set up fake networks to lure shoppers, and monitor the hotspots for account numbers and other personal information that they eventually grab and use for their benefit. While you’re staying cautious about the connections you make, it’s also important to be aware of the retail apps you download to your phone.

During a long day of shopping, there is one pit stop that I always make: coffee. Many popular coffee shops offer rewards programs through dedicated apps, but whether you’re loyal to Starbucks or more of a Dunkin’ Donuts fan, it’s important to be cautious about the apps that you’re downloading on your mobile device. Cybercriminals have begun to repackage popular mobile apps, such as the Starbucks app, into versions that are almost identical, but with small lines of malicious code hidden in them. It’s tough to identify these repackaged apps from the ones that you trust, but fall for their trickery and hackers could be stealing your information after infiltrating your mobile device.

So, what are the best ways to avoid falling victim to a mobile hack during the holidays?

  • Come Prepared: Download the apps, maps, coupons, and shopping lists you’ll need before you hit the shops, from your secure home connection. That way, you’ll have all of your gadgets ready when you get to the mall, and won’t need to log on to a sketchy connection or use your data.
  • It’s All in the Details: A good habit to get into before downloading mobile apps is to first read their privacy policy. If the program seems like it’s asking for more personal data than it probably needs, you should think twice before agreeing to download—it could be fake. Any legitimate mobile app won’t request data it doesn’t need, like your contacts or your network.
  • Ain’t No (Secure) Wi-Fi: Be careful about connecting your mobile device to free, public Wi-Fi. Even if there are networks called “Apple Store” or “Macy’s Free Wi-Fi”, it doesn’t mean that they’re safe to connect to, and there could even be a cybercriminal on the back end, looking to steal your personal information, and relying on a name you trust.
  • Proceed with Caution: McAfee Mobile Security is free for both Android and iOS, and helps protect your mobile device and its data from cybercriminals. We know what you are thinking, and yes, this is one free app you can say yes to!

Now that you’re armed with the knowledge to keep your mobile device safe, go shop ‘till you drop! If you do think your phone has been hacked or your personal security has been breached, you should be sure to check for suspicious payments on credit cards, and keep your phone up-to-date on the latest operating system.

Looking for even more mobile security tips? Be sure to follow @McAfee on Twitter and like us on Facebook.


Categories: Mobile and IoT Security
Tags: , ,

Leave a Comment

Similar articles

If you’re a gamer, you know how important virtual currency is. It allows you to purchase new costumes and weapons to personalize your avatar. But how does one go about gaining virtual currency? Players complete in-game challenges and are rewarded with coins to spend in their virtual world. These challenges can be pretty difficult and ...
Read Blog
Cryptocurrency mining is the way transactions are verified and added to the public ledger, a database of all the transactions made around a particular piece of cryptocurrency. Cryptocurrency miners compile all of these transactions into blocks and try to solve complicated mathematical problems to compete with other miners for bitcoins. To do this, miners need ...
Read Blog
The authors thank their colleagues Oliver Devane and Deepak Setty for their help with this analysis. McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies. Coin mining malware is difficult to detect. Once a machine is compromised, a malicious app runs silently in the background ...
Read Blog