Android app impersonates Google Play Store, a warning about Facebook friends and how to check suspicious links
Welcome to Cyber Security Today. It’s Monday October 15th.
Attention Android users: Hackers have found a new way to sucker you into giving up control of your phone or tablet. According to Cisco Systems, they do it by replacing the Google Play Store app on your device with one that looks identical, but is called Google Play Market. If you click on the icon the app will start asking for permission to access administration privileges and to access the device’s settings. What it wants to do is access your passwords and your contact list. If you say no to the access request, it doesn’t go away until you say yes. That’s one way to know you’ve been hit. Another is if an app asks you to pay to access Google services. If you think you’ve been victimized you may have to have your phone wiped to remove the malware. It’s another example of why I recommend you have as few apps as possible on your mobile devices. It’s too easy to download bad apps. Your smart phone is not a place for playing games or testing some new app a friend recommends.
Everyone wants to have lots of friends. But too many friends can be dangerous, particularly if they’re on Facebook. Security vendor Sophos warns that hackers are trying to copy people’s Facebook account, then sending messages out asking to – again – friend someone on your list. So you’d get a message that reads something like this: “I actually got another friend request from you yesterday … which I ignored so you may want to check your account. Hold your finger on the message until the forward button appears … then hit forward and all the people you want to forward too. I had to do the people individually. Good Luck! “
As Sophos notes, why would you have sent a friend request to somebody you’re already friends with? And why would you uncritically send this message to your Facebook friends?
A cloned-account wave starts when you accept a friend request from an attacker who looks like somebody you think you know. If you accept, the so-called friend copies images and other information from your personal Facebook account to create a copy. Then the hacker sends friends requests to everyone on your list. Now the attacker has a list of people to send malware to. If you find a cloned account, use Facebook’s “Give feedback or report this profile” link to have the unauthorized account deactivated. It’s at the top right side of an account page. Just click on the three dots.
Finally, this being Cyber Security Awareness Month, I’ve spoken about the importance of being suspicious of links in email. If you have a desktop or laptop computer, you can hover over the link with your mouse, and the real destination of the link shows up at the bottom left of your browser. If the name of the link in the email isn’t the same as the one at the bottom, it’s suspicious. Did you get a shortened link? Again, hovering over it will show the full site it’s going to. It’s hard to check a link on a smartphone, where you may have to hold down for a few seconds on the link for the real address to pop up – that may inadvertently cause the link to become active. So my recommendation is for smartphones don’t try. Just don’t click on links. But what can you do to check a link? Actually, there are link checker sites you can type in or paste a link to get some evidence if it’s safe. Google has one at “Transparencyreport.google.com”. Kaspersky VirusDesk is another. A third is called PhishTank (spelled with a PH). These link checkers aren’t the last word in security. They may say the link is safe because so far no one has reported it linked to malware. But they are one thing to consider.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Alexa Flash Briefing. Thanks for listening.