Android Users Are Prime Targets for Banking Malware and Phishing

It was a surprisingly tough year for Android users with regard to malware and phishing attacks. While experts at Kaspersky Labs had expected attacks against those devices to follow the downward trend from 2014 and 2015, it actually increased by a whopping 30.6%.

All cyber gang related phishing and malware attacks were primarily directed toward Android users in 2016, likely because that is the most popular mobile operating system in the world. Banking malware campaigns actually surpassed the one million mark last year, making it the highest number of such attacks since security researchers starting recording those statistics.

The most popular malware strain seen last year targeting the operating system was Zbot (also called Zeus). This accounted for nearly half of the attempts. Zbot is primarily distributed via spam campaigns and drive-by downloads. It is designed to steal confidential information, especially banking login credentials, off the infected device. It can also download other configuration files and updates.

Everyone gets spam these days and email that they are not expecting that might even appear legitimate or from a known sender. However, often inside them are links and attachments that include malware or forms where the thieves ask for credentials to be entered for various accounts. Therefore, if one of these messages happens to get through the security technology, be wary of clicking any links or attachments. Even if you recognize the sender, it’s best to verify that the information in the messages is legitimate before clicking it.

If you don’t expect to receive something, or there is no specific information in the message that gives you the comfy cozy feeling that it’s safe, don’t click it. For example, if it arrives unexpectedly, but has a note from your sister that she thought the link would be helpful after a discussion you had last week about that topic, it is probably safe to click.

Other ways to determine if it’s real are:

-Clicking the sender’s address to see if it’s what you expect it to be, or
-Hovering over links with the mouse pointer or holding down on them if you’re on a touchscreen device to see where they actually go.
-If they don’t make sense, don’t go any further.

While many cybercriminals are now targeting organizations, in this case it was the average consumer that was targeted at a rate of more than four out of five attacks. Presumably that is because these criminals are choosing volume over fewer targets for more money. After all, even small amounts of money add up to big numbers after a while.

Users in Russia, the U.S., Germany, Japan, and Vietnam were the top targets for this in 2016.

Coming in second place to Zbot was the Gozi family of malware at 17%. Gozi was developed to steal online banking credentials. It’s author actually was sentenced to 21 months in prison, which was essentially served while he was awaiting extradition from Lativa to the US. That obviously didn’t stop his legacy from continuing on with the help of other cybercriminals.

© Copyright 2017 Stickley on Security