Cybersecurity Blog

How to protect your Android device – 08/22/18

 

With reports about compromised or fake apps in the Google Play Store coming out every month or so, owning an Android device can be down right stressful.  While there are things you can look for to reduce the risk of downloading a nasty app, it isn’t always easy to identify them.

To help keep your Android device safe, Google Play Protect is installed on it at the factory.  However researchers have found out what millions of Android users have known for years, Google Play Protect does a terrible job.  Even with the tool pre-installed, users everywhere are still experiencing malware infections on a large scale.

So what is a user to do?  The good news is there are many excellent apps out there designed to protect your Android device from malware. Even better, many of them are free.  The more recognizable names are McAfee, AVG, Avast and Norton. However some lesser known products like Anity, Cheetah and F-secure are also excellent.  All of them out perform Google Play Protect.

If you want to keep your Android device secure, before you download an app:

  • Only download from the Google Play Store (it’s still safer than the wild web)
  • Check its reviews
  • Check the number of times it has been downloaded
  • Check to see what kind of access to your data and your device it wants
  • Download an anti-malware app before you download anything else

 

Google can track you even if Location History is turned off – 08/15/2018

 

If you have an Android phone or an IOS phone that has the Google app on it, Google could be following your every move.  Most people are aware that you can turn the Location Services off on your iphone and disable Location reporting on your Android phone.  You may even know how to turn off Location History so Google doesn’t store a record of where you have been.  What you probably don’t know is, Google  has been deceiving you.

AP News has found that when you turn off those services, it only disables the viewable timeline. However every time you open Google Maps, get some weather updates or use Chrome for a search, it tracks you and stores time-stamped location data from your devices.

Fortunately, there is a way to truly turn off the location tracking.  Google buried it deep within their account settings. To keep nosy Google from tracking you in any way:

  1. Open the Google app on your mobile device.
  2. Click the Settings icon in the upper left hand corner.
  3. Select Manage your Google Account.
  4. Select Personal info & privacy.
  5. Select Activity Controls.
  6. Select Web & App Activity.
  7. Click the slider to disable Web & app activity.  It should turn gray.

 

Kids and cell phones, how to keep them safe – 08/08/18

 

As parents gleefully start planning for back to school, one question that may come up is ‘Does my child need a cell phone?’. If your answer is yes, there are some things that you can do to help protect them from cyber bullies, predators and scammers.

  1. Enable the password protected screen lock.  Let your child know that the password should not be shared with anyone but Mom or Dad.
  2. Know every app on your child’s phone, every account that is created and what the passwords are.
  3. Check your child’s phone for disturbing content on a regular basis. Their access to a phone should depend on you having access to it as well. You pay the bills, you make the rules.
  4. Check the privacy and security settings on the phone and apps. Be careful with location tracking. If you can find your child, so can someone else.
  5. Keep the apps and phone software up to date.
  6. Have a talk with your kids about online safety. Teach them to:
    • Never respond to calls, texts or emails from people they don’t know.
    • Talk to them about cyber bullying, harassment and predators. Make sure they know they can come to you for help.
    • Be careful about what they post. Too much personal information can make them vulnerable. Posting the wrong photo or making the wrong comment can mess up your life.
    • Only connect to people through social media that they know.
    • Watch for geo-tagging on photos. They don’t want their exact location to be displayed.

Even if you don’t follow all these guidelines, having a frank and honest discussion about phone safety and modeling desired behavior will go a long way to keeping your kids safe.  For more resources on determining when is the right time for a cell phone and how to keep your kids and teens cyber safe, visit Safe Search Kids by Google.

 

Scam pretends to lock your phone – 08/10/18

 

Windows users have heard about the tech support scam that informs them their computer has a virus and they need to call a 1-800 number to unlock it. Creative criminals are now using the same tactic with iphone users. They have seeded several porn sites with malware.  After your visit, a large dialog box appears on your phone informing you that your phone has been locked because you visited an illegal porn site. It all looks very official as it correctly displays the model of your phone and the URL of the porn site. It then gives you a hyperlink to a number to call to get your phone unlocked.

In reality, your phone isn’t locked at all. If you call the number you get connected to a hacker who then attempts to get information and money from you.  Although this scam leverages a visit to a porn site, a similar scam can be set up with any type of website.  It can also target any kind of phone.  It may be iphone users that are currently targeted, but it won’t take long for this scam to show up on Android phones as well.

Never call a number that shows up in an alert or notification on your phone.  Never click on security warning links either. If you do connect to a call center and start to feel uncomfortable, hang up. Apple will never lock your phone and then ask you to call a number to get it unlocked. Come to think of it, neither will Google or Android.

 

60 000 Android devices infected with malware – 06/28/18

 

The latest malicious Android app is a clever thing indeed.  So clever that it has managed to infect 60 000 devices at last count. What should you look out for? The whole process starts with a pop up that informs you that you have issues with your device.  The make and model of your device is listed in the pop up making everything look very official. It gives you the option of ignoring the issues or cleaning them up by installing an app. Thing is it doesn’t matter what you click, it takes you to a power saver app in the legitimate Google Play store.

It isn’t until you look at the permissions that the app asks for during install that things seem a bit odd.  Why would a power saver app need:

  • to read sensitive data?
  • to receive text messages?
  • to pair with Bluetooth devices?
  • full network access?
  • to modify system settings?
  • to receive data from the Internet?

If you decide to ignore the red flags and install the app anyway a few things will happen. First,  a hacker completely controls your device. Second,  a little ad-clicker bot runs in the background clicking on ads and generating revenue for the hacker while stealing your data. Third, the app actually does work by stopping processes that are using too much battery power when the battery level is low.  So it isn’t all bad. At least the app does what it says it does. It’s the bonus features that you can do without.

If you are have a pop up on your device that you cannot close or that takes you to a web page or the Google Play Store no matter what you do, restart the device. That should get rid of the pop up.  If it persists you may have to resort to a factory reset.  Either way you do not have to give a hacker control of your phone to get rid of a persistent pop up.

 

Is that app really as popular as it seems? – 06/15/18

 

 

Cyber criminals are getting wise. They have noticed that if an Android app has lots of downloads listed, the odds are pretty good that others will download it as well. They are using this phenomenon to trick people into downloading their malicious apps.

How are they doing it? When you browse the app store,  the only information that you see is the app name, app icon and the developer name. Creative criminals are taking advantage of this by entering their developer names as 100 Million Downloads, Installs 1,000,000,000 + or simply 5,000,000,000.

Criminals aren’t stopping the deception there. They are also using Verified Application or Legit Application as their developer names. Never mind that Google Play doesn’t have a developer account verification service, it looks good anyway.

This is just a reminder that when you are looking for apps to download stick to Google Play and read reviews carefully. Stay away from apps that use deceptive tactics, have few reviews or few downloads.  Happy and safe downloading!

 

 

More apps on Google Play containing malware – 05/11/18

 

Once again a bunch of apps on Google Play have been found to contain malware. The  majority of them are photo editors.  Here is the list of apps and their publishers.

Ladies World by Chenxy
Happy photos by chandrahegang
Beauty camera by bai xiongshu
S-PictureEditor by bai xiongshu
Collage maker 2018 by bai xiongshu
Gallery by bai xiongshu
Collage Maker by bai xiongshu
S Photo Plus by LiaoAny
CollagePlus by LiaoAny
Photo Studio by elaine.wei
Collage Studio by elaine.wei
Photo Studio Plus by elaine.wei
Collage Studio Pro by elaine.wei
Hot Chick by Sunshine Fun
Popular video by Phoenix bird Tech Limited
Music play by Jiangxi Huarui Network technology company
Photo collage edit by Jiangxi Huarui Network technology company
Pic collage by Jiangxi Huarui Network technology company
Super Photo Plus by kowloon
Bees collage by kowloon
Superb Photo by kowloon
Sweet Collection by TopFun Families
Pic collage by Shenzhen coronation plus Technology Co.. Ltd.
K music by Shenzhen coronation plus Technology Co.. Ltd.

If you have downloaded one of these apps, uninstall it from your phone and run a virus scan.  Although malware containing apps are found on Google Play regularly, it is still safer to download apps from there than other locations.  To reduce the risk, make sure you only download apps with a large number of positive reviews and downloads.

Blu Android phones caught sending user data to China – 05/09/18

 

They’re baaack! Last year, Amazon pulled the ultra cheap Blu brand of smart phones from their site after it was discovered, they were calling home to China without their user’s consent and transferring loads of private data .  Users were completely unaware of the data transfers as the application responsible was installed in the factory and therefore undetectable by anti-virus software.

The company has since come to an agreement with the FTC and promise to never do it again. This has prompted Amazon to once again allow the company to sell their phones on their site.

If Blu violates the agreement with the FTC, it could cost them up to $41, 484 per incident in civil penalties. They will now have their security protocols and record keeping monitored. However considering Blu repeatedly misled consumers and regulators previously by stating they had stopped data collecting when in fact they were still doing it, I am not so sure they can be trusted. Yes their phones are a deliciously cheap, however you might be giving up your personal information in exchange.  Remember, you get what you pay for.

New security vulnerabilities found on everything with a computer processor – 01/08/18

What are they?

New vulnerabilities called  Meltdown and Spectre have been found in computer processors  built after 2009 that allow a program to steal data from your computer system’s memory without your permission or knowledge.  It affects everything that has a computer processor including your computer, tablet, phone and IoT (Internet of things such as a smart thermostat).

Why should I be concerned?

These vulnerabilities have the potential to allow hackers to covertly fetch sensitive information  such as passwords from system memory allowing access to your online banking, social networking accounts and the like. To make matters worse, the attack can be made via your browser.

How is the problem fixed?

As these vulnerabilities are in the main processing chip on the computer, the ultimate fix will be to change the processor codes, the firmware or the chip itself.  However, the problem can be mitigated by modifying how the software interacts with the processor. As a result, software and hardware vendors are currently developing patches for these vulnerabilities.

What is IT Services doing about it?

We are following our standard processes to manage the patches for these vulnerabilities.

What do I have to do?

You do not need to update your workstation, it will be done by the MRU patch management process.  Your regular updates include all required patches. If you have a Mount Royal laptop or device and you aren’t sure that it is getting updated, please visit the IT Service Desk.

Install updates for all your personal portable devices and home machines as soon as they become available.  Make sure that your browser is updated as well. Please note that not all anti-virus programs are compatible with Microsoft’s latest updates. If your machine has incompatible anti-virus software, the Microsoft updates will not be uploaded and your machine will be left vulnerable. Check your anti-virus program’s website to see if it is compatible.

Make sure you visit official/trusted websites to get your updates or use the update feature from within your software.  We do not recommend clicking on links and opening attachments in emails claiming to have a link to the latest updates or patches.  Criminals may take this opportunity to send out fake security patch or update emails with malicious links to try and trick you into downloading their malware.

For more details on the vulnerabilities, check out the sources for this article:

 

Attention Students – Devices disappearing across campus – 12/07/17

 

It is a scene that is played out across campus every semester, a student on a laptop studies diligently for exams. She runs out of battery power and looks for a plug in. She finds one just around the corner, plugs in and goes back for her books. When she returns 30 seconds later, the laptop is gone. In 30 sec she has lost all her study notes and all her papers for the term. The theft is reported to security but the laptop is long gone. If only she had thought to back up her papers and notes on iCloud, Onedrive, Dropbox or Google Drive.  Then she would at least be able to study for her final.  Now she has little to work with and exams are looming. Now she has to contact her professors, ask for extensions and hope that they will be granted.  She was hoping to ace this term, now she just hopes to pass. This isn’t hypothetical. This is a real story that has been repeated over and over again.

This semester, don’t repeat the story.  Treat your devices like cash. If you wouldn’t leave a 20$ bill somewhere, don’t leave your device there. It takes less than 30 seconds for a criminal to pocket your smartphone or walk off with your laptop.  It takes less than 30 seconds to jeopardize a grade you have worked all term to achieve.