London, UK 11 September 2012 GFI Software today released its VIPRE Report for August 2012, a collection of the 10 most prevalent threat detections encountered last month. In August, GFI threat researchers identified a number of high-profile fake mobile application scams, along with a spike in email scams targeting UK banking and government organisations.
Cybercriminals were found to be operating several websites, masquerading as parts of the UKs Directgov government information web site, in particular purporting to offer information and access to housing and other social services benefits. The sites were in fact harvesting sensitive personal and financial information from people looking to apply for government benefits. Leading building society Nationwide was also in the crosshairs, with researchers spotting a new strain of phishing mails purporting to be from the UKs biggest mutual lender. The emails featured the return of the often-used verify your online banking profile, along with a second strain containing the false claim that a data inconsistency had been detected. In both cases, the subsequent links through to convincing copies of the Nationwide online banking site were intended to capture login details for Nationwide customer accounts.
Scammers continued to prey on users looking to download the official London 2012 Olympics game for the duration of the event, while mobile users also drew the attention of cybercriminals with the OpFake Trojan being distributed under the guise of the now defunct Adobe Mobile Flash Player. In addition, some versions of the fake application were bundled with adware which rooted the device and downloaded a fake version of the real Flash Player application. The adware software then performed a number of malicious tasks including the theft of the users phonebook contacts for advertising purposes and the deployment of pop-ups on the users screen.
Other Android users encountered a number of fake mobile antivirus applications masquerading as mobile applications provided by legitimate antivirus companies. The fake applications contained a Boxer malware application which sends SMS messages to a premium number before redirecting the user to another site.
The past months examples show that the world of smartphone applications has firmly become a battleground for scammers and malware writers, keen to take advantage of unsuspecting users, said Christopher Boyd, senior threat researcher at GFI Software. Avoiding mobile malware often requires the same preventative tactics associated with traditional malware such as verifying the legitimacy of any unsolicited emails or hyperlinks before installing an unknown application or submitting personal information. However, as we saw this month, the increased activity aimed at mobile devices doesnt mean traditional attacks, such as desktop malware and email scams, have become any less of a threat.
GFI Labs also conducted an investigation in August into the mobile applications released by both the Barack Obama and Mitt Romney US presidential campaigns in order to understand if user privacy was being compromised. The Obama and Romney smartphone applications were found to have a number of significant privacy issues that went unnoticed by users who did not read the terms of service agreements before using either application. In order to use the Romney campaigns app, users had to sign in through their Facebook account or to provide personally identifiable information such as their name, email and home address. Users who opted to sign in through Facebook gave the app permission to post on their profile page on their behalf and to collect even more data from their Facebook friends. The application was also found to collect other information such as the device ID, carrier and phone number as well as GPS and cell tower locations.