As precautious as we are to make sure our computers don’t fall prey to spyware, viruses and phishing, we don’t go to nearly the lengths of protection with our smartphones.
Phones, they’re not just for talking, anymore:
- 70% of U.S. adults connect to the web with their mobile phones.
- 59% use their smartphone throughout the day.
- 65% send and receive email messages.
- 82% use their mobile to access social networking sites.
As we become more comfortable using smartphones for online use, using them for banking and commerce is just a step away, and a new avenue for cyber-thieves to steal your information.
Phishing attacks occur more than you think, but there are a few things you can do to avoid being phished on your smartphone.
Step One: Beware!
There’s a lot of phishermen out there.
The United States is the top country for hosting phishing websites. I’m not sure why more hasn’t been done to curb this, but the World Wide Web is still very much the Wild Wild Web, so be sure not to put your guard down.
In fact, over 5-million Facebook users have been phished!
Statistics show that mobile users are 3x more likely to submit login info than desktop users. There’s something about smartphones that makes it feel safer. Maybe it’s because it’s so small, or it’s the fact that we haven’t fully grasped the concept that It’s surfing the same waves as our desktop counterparts.
Not only is it an issue of perception, but it’s harder to spot a phishing website on a mobile device. Some smartphones don’t even show the URL bar.
Step Two: Understand How Phishing Works
The second step to making sure you don’t bite on the bait is to have a basic understanding of how phishing works:
- An email is sent to you asking to update your account info. This could be for your PayPal, bank account, credit card, Amazon account, or any other commerce site (social networking sites, too!).
- When you visit the web page to “update your account,” everything looks legit. If you check the URL, often times it says PayPai, instead of PayPal, or they use other URL tricks.
- The page will include all the input fields they need to steal your account information and password.
After you click “submit”, you’ve officially been phished.
Step Three: Know Common Phishing Tactics
There are three common ways users are phished.
- Tax Scams
You just can’t wait for that refund, can you? Scammers take advantage of that, and will send you an email alert regarding a problem processing your refund. The IRS doesn’t use email. Delete! - Donations
These guys are criminals, and so nothing is below them. Many times, phishers will create fake donation sites, like Japan earthquake relief sites, and rack-in the info. - Social Networks
We’ve all seen it. Someone looks like they’ve gone nuts, posting on everyone’s wall. Sure, they didn’t get your bank info, but you’ve got a big mess to clean up.
These are three common phishing tactics, but there are more out there. So, always follow step one, be aware!
Step Four: Tips to Stay Safe
Here are a few steps you can take to make sure you’re safe from being phished on your smartphone:
- Email & URL
When you read an email or check your social site, make sure you look at the sender of the message. Be sure to look at the details of the email. Double check that email address! Also, if the link they are sending you seems out of place, it probably is. In a situation regarding financials, call your financial institution. Use your smartphone to talk to your bank rep. - Check it!
If you’ve clicked the link, check the link! Make sure it’s the real website. Often times, I won’t follow the URL. I will go to my banking website in a separate browser tab or window, and login like usual. Also, look for a secure symbol – that lock in the address bar. Also, check for HTTPS in front of the URL, although symbols and URLs can be faked by the pros. - Antivirus & Antimalware
The last line of defense is to download an app for your phone that checks every site you visit with real-time protection against phishing.
Better to be safe, than phished!
Now What?
Even if you play it safe and have taken these steps to avoid being phished, there are a lot of people who don’t know. So, be sure to pass this info along. The more users who play it safe, the harder it is for these cyber-thieves to make-of with your information!
[via Lookout Mobile Security | Images via gclenaghan, visualpanic and Illetirres]
Matthew Snider says
Great write up brother. Never really think about this stuff as I consider myself a savvy web user. That is why I could get into trouble!
Eric Dye says
It’s easy for us to get cocky, eh! I always forget to scan my desktop – LOL!
Kyle McClain says
Eric where did you get the stats used in this article?
Eric Dye says
Per the cite at the end of the post: via Lookout Mobile Security.
🙂