advertisement

Follow Mint Lounge

Latest Issue

Home > Smart Living> Innovation > How to protect your phone from malware and cybercriminals 

How to protect your phone from malware and cybercriminals

Cybersecurity experts weigh in on the basic rules of securing your smartphone and other personal devices from malicious software

Be it computer adware, ransomware, crypto-jacking malware, botnets, rootkits, or spyware. Designed to trick users, they can originate from multiple source and the threat has only increased during the pandemic.
Be it computer adware, ransomware, crypto-jacking malware, botnets, rootkits, or spyware. Designed to trick users, they can originate from multiple source and the threat has only increased during the pandemic. (iStock Photo)

In 1971, Bob Thomas, a programmer with the Cambridge, US-based tech company BBN Technologies, created the world’s first computer virus. It was called the Creeper program. The Creeper virus was harmless, designed as an experimental security test to see if a self-replicating program could work. According to a blog on the history of computer viruses by global cybersecurity company Kaspersky, with each new hard drive infected, Creeper would try to remove itself from its previous host. It would display a simple message: “I’M THE CREEPER. CATCH ME IF YOU CAN!”

Fifty years later, the digital world is replete with all kinds of cyberthreats that are not so easy to spot. Viruses have been replaced by malware. For example, a highly advanced malware called FluBot recently started affecting Android users in the US, Europe and then Australia. It spreads through a normal SMS, prompting users to click on a rogue link, which claims to be a missed phone call, voicemail or even an SMS from popular logistics delivery brands. When you click on this phishing link, the malware is downloaded on your device. According to international cybersecurity solutions company Check Point’s Global Threat Index for August 2021, FluBot, once installed on your device, can access all your sensitive information.

Also read: State-sponsored cyber attacks have corporates worried

That is what different malware do, be it computer adware, crypto-jacking malware, botnets, rootkits, or spyware. Designed to trick users, they can originate from multiple source and the threat has only increased during the pandemic. From March 2020 to July 2021, Kaspersky identified more than 5,000 pandemic-related phishing websites designed to steal user credentials and other private data and prevented over a million users from visiting such sites. It’s important to remain alert, stay up-to-date with phone and app updates and take all the precautions possible, such as avoiding public Wi-Fi.

Red flags

If your smartphone has been affected by malicious software, it’s most likely to show up in the device’s basic performance. The same goes for PCs, say experts. “When you notice that your smartphone or PC is suddenly sluggish or witness that the phone battery is drastically draining, or it is running hot, consider it a red flag,” says Judith Bitterli, senior vice-president of consumer, at cybersecurity company McAfee.

Bitterli says that malware eats up system resources, creating conflicts with other apps and uses your data or internet connection to pass your personal information to the perpetrators. “If you are facing trouble shutting down or starting up your devices, it hangs often, or you tend to see more random pop-up ads than usual, or notice unknown charges popping up—that’s a cue that your device could be compromised and not just getting old,” Bitterli says on email. Pop-up advertisements, which appear on unknown websites, are now designed in such a way that the moment you click on any of them, a virus or malware is automatically downloaded and starts running on your phone or PC.

From March 2020 to July 2021, Kaspersky identified more than 5,000 pandemic-related phishing websites designed to steal user credentials and other private data and prevented over a million users from visiting such sites.
From March 2020 to July 2021, Kaspersky identified more than 5,000 pandemic-related phishing websites designed to steal user credentials and other private data and prevented over a million users from visiting such sites. (iStock)

Since smartphones are now connected to, and control, multiple devices in our homes, they have become even more attractive targets for cybercriminals, key targets for ransomware developers and identity thieves.

Earlier, the objective of computer viruses and malicious software was to disrupt work. But now malware is designed to generate money, or ransom, out of a user. Since many of us are now working from home, away from the secure technology environment of a workplace, instances of adware and ransomware attacks have gone up, says Rahul Tyagi, co-founder at California-based cybersecurity company Safe Security. “The number of hacks we have seen on the Android platform is far higher than iOS,” says Tyagi. “One of the signs (if your device is compromised) to keep an eye on is your data usage. Sometimes, data-syncing takes place in the background and it’s not visible to you. Also watch out for any calls and texts that weren’t made or sent by you.”

Another common telltale signal of a compromised smartphone is apps crashing too often, says Ritesh Chopra, director, sales and field marketing, India & SAARC countries, for NortonLifeLock, the consumer cyber safety company. “The programs that you use on a daily basis might refuse to open at all. There are many other signs. For instance, you might not have any substantial data, music or pictures on your device but still there’s little or no storage left. These are very initial, common signs,” says Chopra.

The solutions

Many of us have worked on devices, both phones and PCs, where the holy grail of safety was good antivirus software. But there are some other basic tips that can help you steer away from malware. The first and most obvious is to keep your operating system and applications updated, no matter which device you use. Regular software updates from your smartphone maker can not only stop a rogue software from functioning but also fix any vulnerabilities in a device already affected by malware.

Be cognizant of the sites you visit and avoid clicking on unknown links, specifically those offering free screensavers or other unusually generous deals and promotions. Your inbox is another potential source of entry: Don’t click or open any emails or attachments from unverified senders.

Another common mistake many of us make, according to experts, is using public Wi-Fi networks without a proper VPN, or virtual private network, connection. “People are often confused between VPNs and a web proxy. A proxy protects only your browser data, not the apps outside it. But if you install a VPN, every bit of information that goes in and out of your system is secured and encrypted,” says Tyagi.

In the case of smartphones, two-factor authentication and stronger passwords offer an extra layer of protection but Bitterli says users should also avoid public charging stations since--hackers have been known to install malware in these.

Smartphone apps are critical. Get rid of old apps and always stick to the official app stores while downloading newer ones, says Bitterli. Apps downloaded from any third-party store, apart from the Play Store or App Store, don’t go through a review process and could allow malicious software to access your device.

It’s a good idea to regularly review smartphone apps and permissions. For instance, why would a simple smartphone game or food delivery app require permission to see your contacts, messages or photo gallery? “There are at least 60 apps on an average Indian’s smartphone,” says Chopra. “What are these apps doing in the backend? A user needs to track this. Technically, the computer virus is dead. The whole focus has shifted to malware.”

Also read: Pulling the plug on spam calls

Next Story