More than three quarters of Germans use a smartphone and are regularly on the Internet with it. It’s no wonder, then, that cybercriminals are now increasingly extending their attacks to mobile devices, where they "phish" for your passwords. Where dangers lurk? What to look out for and how to protect yourself? We give you answers to the most important questions.
The smartphone is the center of our digital lifestyle. Whether for private or professional use, these multifunctional technological wonders are becoming indispensable companions for a growing number of people. This trend is, unsurprisingly, particularly noticeable among the generation that has grown up with cell phones. A representative Online survey commissioned by the digital agency Syzygy shows the importance attached to it by "millennials" born between 1981 and 1998: Nearly half of those surveyed would rather give up breakfast for a month than their smartphone. For 28 percent, the cell phone is even more important than sex.
The smartphone is ubiquitous; paradoxically, however, few users give much thought to the issue of security. We spend more than 1.5 hours with the cell phone on the Internet, yet we rarely waste even a thought on our protection while mobile surfing. And that can be dangerous!
The classic phishing mail
If you check your email from your phone, be especially wary of the "classic" phishing email. This can be, for example, a supposed message from your bank, an online store or a social network, asking you to enter confidential data such as account information, TANs or logins. In most cases, you are first redirected to an external website via a link. If you fall for the fake e-mail, you provide the criminals with sensitive data and open the door to the plundering of your bank account, for example. We have summarized how to recognize phishing emails and websites in 10 tips .
Beware of text messages
Phishing SMS messages also work on the same principle; the only aggravating factor here is that, unlike e-mail programs, there is no spam filter for text messages. Phishing SMS are used to read out personal data or install malware on the cell phone. The sender is either an unknown number – be especially careful here if the message contains links – or a number from your address book. In the latter case, your friend’s cell phone has probably been infected and now automatically sends SMS messages to all saved contacts. However, most of the time you can unmask these messages by their spelling or style.
In general, it’s important to listen to your gut: If an SMS seems strange to you, there’s usually a reason for it. And if you have not taken part in a lottery, you should not be happy about a notification about the jackpot you have won, but become skeptical.
The URL padding technique
A new phishing variant that specifically targets mobile users is the "URL padding technique". In this case, the victims are again directed through links to specially prepared phishing websites, which look like the login page at Facebook or the Apple iCloud, for example. With this trick, the criminals take advantage of the fact that the domain names cannot be seen in full length in the browser due to the reduced display on the cell phone. The trick now is to find the URL, z. B. "m.facebook.com", by adding hyphens until the actual address, z. B. "internet fraud.com", is no longer visible. In the browser on your smartphone, it says "m.facebook.com——————internetbetrug.com"; however, you only see the supposedly serious first part.
The best way to protect yourself from the "URL padding technique" is not to open websites and services via links and buttons from received messages. And if you are not sure about the authenticity of a page, it is best to call the corresponding page manually in your browser.
False password query
Recently, security researchers have also increasingly warned against fake password requests on smartphones. Apple’s iOS, for example, asks for access data at irregular intervals and on different occasions; and it is precisely these password requests that can be imitated by means of identical design. If you are unsure whether it is a legitimate password request, you can use a simple trick: Provide a false password as a test. If the entry of the wrong password is accepted, it is probably phishing.
Examples like these show that the phishing opportunities for criminals are becoming increasingly diverse. Therefore, it is important to always look carefully, do not access login pages via links and help yourself with tricks such as entering a false password. However, a residual risk remains. You can protect yourself against this with insurance such as INTER CyberGuard, which provides financial protection for all damage caused by phishing on computers or mobile devices, for example.
This is how INTER CyberGuard protects you from phishing:
Approximately 36 billion phishing emails are sent worldwide each year. Target of..
A large part of the crimes committed on the Internet fall into the category of..
The World Wide Web has become an indispensable part of our everyday life. A frequently..