How To Tell If Your Mobile Phone Is Being Tracked Or Monitored By Spy Software

Mobile phone spy software is more prevalent than you may think.

You don’t have to be a celebrity or politician to fall prey; it can happen to anyone.

If you suddenly find your mobile’s battery life disappearing rapidly, or your data usage goes through the roof, it should be a sign of snooping.

Why would someone want to spy on you?

An excellent question and the answer is probably data.

If you’re in business, it could be details about sales strategies, new product development and so on. It could be to find out whether an affair is taking place or it could be related to a court case.

You’re probably wondering how the soy software gets on your phone. Well, it’s easier than you think. For example, during repairs or for some other reason, a backdoor application can be installed to piggyback your GPS service or spy software can be installed on your mobile device.

How to tell if your mobile phone has spy software on it

There are several signs to look out for that suggest your phone is being tracked or monitored in some way. They can be quite subtle, but when you know what to look out for, they can also be glaring:

Unusual sounds during calls

Clicking sounds, static or distant voices coming through your phone during conversations can be a sign that you’re being snooped on.

Decreased battery capacity

If a mobile phone is tapped, it is recording your activities and transmitting them to a third party. This leaves a footprint in the form of increased battery usage, and as a result, the battery loses life faster. You can test this by using your battery in another phone of the same model and compare the results. If it uses less battery, it could be that your phone is bugged or it’s defective in some way.

Phone shows activity when not in use

Other than message alerts, when your phone is not in use, it should be silent. If yours is making noises or lighting up its screen when you’re not using it, it could be a sign that someone’s snooping on you.

Phone takes a long time to shut down

If your phone is transmitting data to someone, it will take longer to turn off –  especially after a call, text, email or web browsing because it could be sending information to a third party.

Battery temperature feels warm

If your phone feels warm, even when you haven’t used it, it could be still in use secretly transmitting data. However, this is only a potential sign.

Receiving unusual texts

Receiving strange text messages containing random numbers, symbols or characters is another sign. The remote control feature of spy software works by sending secret coded text messages to your phone and in some cases, these can be seen if the software is not working correctly. If this happens regularly, you could have a spy app on your phone.

Increased data usage

Some spy apps (the less reliable ones) use extra data to send the information collected from your phone, so look out for any unexplained increase in your monthly data usage. The best spy software programs data usage has been reduced and will be almost impossible to spot but the poor programs will show significant data use.

How to find mobile phone spy software 

It’s possible to find spy software on an Android by looking inside the files on the phone. Go to:

  • Settings
  • Applications
  • Manage Applications or Running Services

You may be able to spot suspicious looking files. Good spy programs usually disguise the file names so that they don’t stand out but sometimes they may contain terms like spy, monitor, stealth and so on. Some of the poorer quality software programs are still quite easy to spot.

If you are only looking for confirmation of spy software, you won’t do any damage to the phone. However, it’s best not to remove or delete any files unless you know what you are doing.

If you do find suspicious software ,it’s a good idea to take your device to someone who does know what they are doing.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: BullGuard

Everything You Need to Know About Mobile Banking Trojans

mobile banking trojan

 

Mobile banking trojans are evolving.

If you use a smartphone for mobile banking (who doesn’t?), you need to be aware of this threat, especially if you run an Android handset because close to 98% of threats are aimed at the Android ‘open’ system.

It’s ‘open’ so phone manufacturers can tweak it to suit the phone models they release which leads to operating system fragmentation:

  • When Google releases an update, it doesn’t mean that all the different versions of Android running on smartphones are secure even if the update is deployed
  • This is because manufacturers tweak the operating system. Further, some manufacturers also don’t readily release updates.
  • This means that some versions of Android become vulnerable to hacking.

How widespread are mobile banking trojans?

According to a recent post on BullGuard’s website:

“In 2016 over nearly 130,000 mobile banking trojans were detected as well as over 250,000 ransomware trojans, also aimed at mobile devices.”

The ransomware demands a fixed fee from a victim whereas banking trojans can be used to loot someone’s bank account and empty it of all its contents.

How do banking trojans get on my phone?

Generally by unwittingly downloading it because it’s typically disguised as a legitimate app.

  • The malicious app is published on third-party app stores
  • Sometimes they even sneak into the official Google Play store
  • Cyber crooks sometimes send phishing SMS messages containing malicious URLs. Clicking the link downloads the trojan
  • Malicious advertisements
  • Mobile adware

How they work

When the user launches the legitimate banking app, the trojan detects what is happening on the phone. It then displays its interface overlaying the banking app’s interface.

Alternatively, it redirects users to a malicious website page or use keylogging to pull information from the user’s phone.

The most effective trojans impersonate banking apps, payment services, and even instant messaging apps. When a user inputs their username and password, the trojan takes note, steals the information and sends it back to a server controlled by the hacker. This is why many banks operate a two-factor authentication process.

Mind you; there are some banking trojans designed to intercept two-factor authentication sent by SMS.

How to protect yourself

Sounds kinda horrendous, doesn’t it? But you’re not doomed, there are things you can do to protect yourself.

When you download an app, you have to check the permissions box to allow the app to run and do what it needs to do. A banking trojan also requires a series of app permissions for it to go about doing its nasty business.

Therefore, banking trojan requires a user to authorise the following SMS permissions:

  • Read SMS – enables the application to read SMS messages stored in the SMS inbox
  • Receive SMS – intercepts SMS messages and prevents them from reaching the SMS inbox
  • Write and send SMS – enables the trojan to harvest the victim’s contacts and send phishing SMS messages

If an app is requesting any of these permissions, it should raise an immediate red flag and lead you to ask ‘why?’ If in doubt don’t allow it to download.

For a belt and braces approach, make sure you’re running antivirus software to identify and stop malware from loading onto your phone.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

How to Avoid Mobile Scams

mobile scams

 

Back in 2016, mobile device usage overtook fixed computing internet usage, so it’s hardly surprising that smartphone and mobile devices are a huge target for cyber villains.

According to a recent article in BullGuard, recently:

  • More than 500 Android mobile apps were removed from Google Play after it was discovered that a software development kit (SDK) embedded in the apps could be leveraged to install spyware on devices
  • The SDK was developed by a Chinese company and may have been used to install malware

To illustrate the scale of the problem further:

  • Last year, in a two month period, malware known as CopyCat infected 14 million devices around the world and rooted (i.e. gained root access to your device) more than half of them, about eight million devices
  • The malware spread via popular apps, which were repackaged with CopyCat and available for download on third-party app stores
  • It installed a component to the device’s system directory and targeted Android core process that launches apps, basically giving attackers admin privileges

When you get your phone out of the box, you can only alter what the manufacturer allows you to. Gaining root access means you can modify the device’s software on the deepest level, giving hackers remote control over your device.

Scary stuff.

How to beat the scammers

The best way you can protect yourself is by using mobile security. There are lots out there, but here at MPM IT we recommend BullGuard’s free Mobile Security.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

2017 Will See More Advanced Cyber Attacks Says Panda Security

Cyber attacks

 

Cyber attacks are getting more sophisticated. Hardly a month goes by without another report such as the one that recently hit the NHS.

Companies are being warned to be more and more vigilant as the cyber criminals find new ways of infecting their increasingly connected worlds.

To look at this further and identify the potential weak spots that could be targeted in 2017 and beyond, Panda Security has ranked the most popular attacks of the year and analysed their evolution.

Cybercrime

Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalising their operations in a way that allows them to make quick and easy money in an efficient manner.

Ransomware

This Trojan Horse will take centre stage with regard to cybersecurity and will cannibalise other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Of course, paying the ransom does not guarantee the total recovery of stolen data.

Companies

The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.

Internet of Things (IoT)

The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.

DDoS Attacks

The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).

Mobile Phones

Focusing on one single OS makes it easier for cybercriminals to fix a target with maximal dissemination and profitability. Android users will get the worst of it in the next 12 months.

Cyberwar

The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Panda Security

Childproofing Your iPad

Childproof your iPad

One the most annoying things in life is that although it might take you a few weeks or months to master a new piece of technology, your kid can just pick it up and start using it without a second thought.

Growing up in the technical age, our children have a huge advantage over us, which is why it’s essential you protect your files and bank balance.

You’ve probably heard the horror stories of parents having their bank balances severely depleted by their kids who were just ‘playing’ on their iPad, well now’s the time to take action (if you haven’t already done so) to make sure you’re not the next victim.

From toddler to teenage years, it’s important to make sure your iPad has the right parental restrictions activated. Thankfully, Apple has made it easy for you.

Restrictions on 

Turning on restrictions allows you to control which applications are permitted on your iPad.

You can do this by going to Settings > General Settings > Restrictions > Enable Restrictions. You will then be asked for a four digit passcode, which can be different from the passcode you use to unlock the iPad.

Switch off app downloads

By default, when you download an app, iTunes will prompt for a password, even if it’s a free app or game. But if you have recently typed in your password, there is a grace period where apps can be downloaded without being verified.

To prevent your child merrily downloading God knows what to your iPad it might be a good idea to turn off the App Store.

If you decide on this course of action, it might me wise to turn off the ability to delete apps.   Remember, it takes the intervention of a parent to download apps to the iPad, so if your kid deletes a game because they are tired of it or simply by accident, you will need to reenable the App Store, download the app or game, and then restrict the App Store again.

Age restrictions

If you don’t want to disable the App store you can restrict apps based on an age range instead.

The categories in the age-based restrictions are 4+, 9+, 12+ and 17+, with that last one including apps such as web browsers that give full access to the web, and thus, full access to websites you would rather your 12-year old not see.

Many kids, even six-year-olds and seven-year-olds, will be perfectly fine on the 9+ setting.  This is the rating given to the LEGO games and applies to apps that have cartoon violence but no “realistic” violence.

The same can be done for movies, TV shows, books and websites.

Switch off in-app purchases

Have you heard of freemium games?

These are the ones that are free but stacked with in-app purchases – usually currency or food within the game that can easily add up to a rather high price tag.

This is why it’s so important to turn off in-app purchases.

When you turn off in-app purchases, the option to buy these extras within games and apps will be disabled. This means no surprises when your iTunes bill comes in your email.

The setting for this is towards the bottom of Allowed Content, right above the time interval for requiring a password (see navigation path above).

 

Congratulations, you now have a childproof iPad – so now you have the relevant restrictions in place, how do you download apps?

First, you can simply turn on app downloads in the restrictions page, download the app or game, and turn app downloads back off again. Or, you can download the app or game on your PC using iTunes and then sync your iPad to your PC.

Another options for making sure your child doesn’t run up a huge iTunes bill is to remove your credit card from your iTunes account, or set an allowance to limit their spending.

Whichever course of action you take, it’s important to make sure your iPad (or other tablet) is childproofed – unless of course you want a hefty bill to land in your inbox.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: iPad

Protect Your Android Device

Android security

Usually, when you think about smartphones you think iPhone. Well, it come as a bit of a shock to hear that isn’t the only smartphone that’s available – there are Android ones too.

Almost every article about protecting smartphones is aimed at Apple users, well we’re about to change all that. You see, Android devices are actually more popular than their fruity counterpart (Yay!) and, due to their open operating systems, far more vulnerable to hacking and malware (boo).

So, to help you keep your information, files and photos safe here’s a quick round up of things to look out for so you can keep your Android phone (and its contents) safe from attackers.

Ready?

The Con

The most successful hacks are those that dupe you into entering your password and email address. Usually they come in the shape of a pop-up or false login screen. Your information is then get to a bot that attempts to log in to anything and everything on your behalf.

Sneaky.

The bad news is there’s no third-party way of avoiding this, so all we can recommend you do is be alert.

App installation from unknown sources

Your Android phone allows you to install apps that don’t come from the Google Play Store. This can be useful, but it can also be a curse. Once you’ve enabled your phone to install one from an ‘unknown source’, very few apps ask tell you to go back and disable it once the app is installed, leaving your phone vulnerable. So take care when installing ‘off piste’.

Malware apps

Google has worked hard to set up user testing areas for companies that want to beta test new features. As a result, should you decide to go ‘off piste’ and install apps outside of the Google Play Store, make sure you’re in no doubt that the app is safe.

These apps could be tampered with, or the app could just be malware that is labelled as something else.

Antivirus software for Android

There’s no question that Android-based devices are rapidly becoming the target for a surging tide of malware and spyware, which is why protection is vital.

MPM IT recommends BullGuard Mobile Security for Android (other products are available) because it delivers comprehensive protection so your photos and other data are always protected.

A range of features means that it’s always up to data so infections are halted, including unwanted apps such as adware. It also scans new apps for malicious code that may be ‘hiding’ in the app. Plus, a cloud-based AV engine doesn’t drain your battery while ensuring you always have the latest protection.

You can check the status of your phone with its full scan feature, which checks for possible infections, malware or unwanted apps such as adware. And it automatically scans apps as soon as they are installed on your device notifying you immediately of any malicious or suspicious apps.

Yes, it’s a faff, but we think it’s worth it for the peace of mind you’ll get that all your personal information is safe and sound.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

Are iOS Devices Threatening Your Business?

mobile phone security

 

Did you know that only 20% of Apple iOS devices are running on the latest operating system?

Running outdated iOS systems leaves you open to well-known vulnerabilities such as Ins0mnia and Quicksand. A report by security provider Duo Security estimates that more than 20 million devices connected to enterprise networks are no longer supported by the device manufacturer. And, because they can’t be upgraded, they pose a real problem.

This issue is compounded by the fact that there are numerous devices still on the market that can’t receive updates, so potentially, even new devices could be a security threat.

It’s not just iOS

This isn’t a problem that’s just confined to Apple. It is estimated that there are more than 90% of Android devices running out-dated operating systems too.

With the number of personal mobile devices being used in the workplace, Duo Security warn that IT professionals must be aware of the risks and how to sort them quickly.

Education, education, education

The only way this can be addressed effectively is for the device users to take some responsibility.

Henry Seddon, head of European Operations at Duo Security told Computer Weekly:

“Users need educating, but organisations need to put in place systems that not only educate users, but can also encourage them and make it easy for them to upgrade to the latest versions of software. It’s up to everybody in the company to take responsibility for the company’s security and their own, and organisations need to prove the tools that stop them at key points, and encourage and enable them to follow past practice.”

Failure to do so can potentially open up organisations to malware and other forms of attack.

Security recommendations

Here are some of Duo Securities recommendations:

  1. Establish basic mobile device security policies for the company and get buy-in from business managers
  2. Enable all employees to use passcode and fingerprint screen locks to prevent trivial access to sensitive data on mobile phones
  3. Consider excluding phones that are jail broken
  4. Provide helpful tips and reminders to users to check for updates on personal devices accessing company data
  5. Update or replace outdated hardware in use in the enterprise that may no longer be supported with security updates by the manufacturer
  6. Recommend that employees using Android devices consider Nexus handsets with more frequent and direct platform update support
  7. Address common update issues up front with guidance on problems related to updating mobile devices, such as providing tips on freeing space for updates
  8. Use free tools to detect devices with particularly concerning vulnerabilities (e.g. X-Ray for Android)

This is no longer something that can be ignored by businesses. Management and employees must work together to ensure the security of data and avoid embarrassing breaches.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: Computer Weekly

Watch Out For “Freak”

protect against freak attack

According to a recent story in from the BBC, Microsoft has issued a security warning about a bug that could let attackers spy on supposedly secure communications. Although initially, it was thought to only affect Android and Blackberry phones and Apple’s Safari browser, it believes millions more may be at risk of losing data.

The Freak flaw allows attackers to force data travelling between a vulnerable site and a visitor to use weak encryption, making it easier to crack open the data and steal sensitive information. Research has suggested that 9.5% of the web’s top one million websites are susceptible.

How to get protected

Apple is expected to produce a patch for the flaw imminently and Google has updated its version of Chrome for Mac. Android have yet to say what action it is taking.

Microsoft has issued advice about how ti remove the vulnerability from some of its software. but said applying these fixes could cause “serious problems” with other programs/ It’s currently working on a separate security update to remove the vulnerability.

If you’re concerned about your computer, an online tool has been produced to help you check if you’re using a browser that’s vulnerable to the flaw.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

 

10 Ways to Lock Down Your iPhone or Android Device

Padlock

It’s horrible when you realise your phone is missing.

Your heart drops and all you can think about is all the data you have stored on it and of course the inconvenience of being phone-less.

OK, you had set up the “Find my iPhone” or Android Device Manager, but the thief can do a lot of damage before you have discovered its location.

So how can you lock down your phone to make sure its contents remain safe?

Here are 10 easy ways to ensure the security of your iPhone or Android device.

1. Passcode

It’s always best to start in the most obvious place.

If you haven’t already done so, set up a passcode to make sure you have at least one barrier between your data and would-be thieves.

2. Find my iPhone and Android Device Manager

I mentioned these briefly earlier. Both of these programmes can pinpoint your missing device, lock it remotely, set off ringers and wipe all their data, so make sure you activate them.

For Android it can be done by going to your browser and whilst signed into your Google account, visit the Android Device Manager page. For iOS, tap iCloud, Find my iPhone and enable the setting.

3. Immediate password

Both iOS and Android give you the option to wake your phone without a passcode after it’s been recently unlocked.

Whilst that might seem a good idea in theory, it leaves a rather large chink in your security. Personally, I wouldn’t use this feature, but if you want to you can find it under Settings – Security on your Android device and Settings – Passcode on your iPhone.

4. Block access to control centre (iOS)

This is the slide up window on your iPhone and iPad that gives you easy access to things like Wi-Fi, alarms, camera etc..

The problem with this that it also makes it easy for anyone to mess with your phone. In fact, a thief can use it to put your phone in airplane mode rendering the Find my iPhone app useless.

To block access to it, go to Settings – Control Centre and switch off the “Access on Lock Screen” setting.

5. Better PIN or password

Upping the anti with a longer and stronger password or PIN is an obvious way to increase your phone’s security.

On Android go to Settings – Security – Screen Lock and then tap either PIN or Password and follow the steps.

For iPhone, tap Settings – Passcode, then disable simple passcode option. Once that’s done you’ll be prompted to create and verify a new passcode.

6. Android – encrypt data

If you have Lollipop pre-installed you data is already encrypted.

If yours is older (or has been updated to Lollipop) the encryption isn’t turned on by default.

To set encryption go to Settings – Security – Encrypt phone and tap the final confirmation button. Be warned though, depending on how much data you have it can take several hours before the process is complete and you’ll need to keep your phone plugged into its charger for the whole process.

7. Activation lock (iOS)

A new iOS8 feature is Activation Lock prevents anyone without the proper passcode from activating a lost iOS device rendering it useless.

However, it only works if yo have the Find my iPhone app enabled.

8. Put your name and contact information on the lock screen (Android)

If your phone goes missing, you can always use the Android Device Manager to lock your device and flash a “rescue” message on the lock screen.

It’s a great idea, but if your lost Android phone is in airplane mode or out of wireless range sending a rescue message with your name and number won’t do much good.

Instead, add a message to your device’s lock screen now, before it gets lost—a message with your name, a phone number, an email address, or another means of reaching you.

Just tap Settings –  Security – Owner info, and enter the text of the message. On pre-Lollipop phones, you’ll also need to check the box next to Show owner info on lock screen.

9. Set your iPhone to “ping” to Apple just before its battery dies

If your missing iPhone is about to run out of juice, leaving it unable to send a “ping” to Find My iPhone, go to Settings –  iCloud – Find my iPhone and switch on the Send Last Location setting.

Your phone will then send out a final ping complete with location data to Apple’s servers, so at least you’ll know where your iPhone was before it died.

10. Hide notifications from the lock screen

Lock-screen notifications make for an easy way to check your e-mail, text messages, calendar events, and other mobile goings-on without having to unlock your phone.

They also make it easy for strangers to read your messages and take a peek at your digital life, so it’s probably best to hide them from your lock screen.

For Android “Lollipop” go to Settings – Sounds and notification, then tap the “When device is locked setting. Then you can choose from three options: Show all notification content, Hide sensitive notification content (which, for example, still flashes alerts for new email but doesn’t display subject lines or contents), and Don’t show notifications at all.

As for iOS, unfortunately, hiding all notifications from the lock screen isn’t so easy, You’re going to have to check each app that offers notifications and see if lock-screen notifications are enabled by going to Settings – Notifications, tap an app in the Include list, and make sure Show on Lock Screen isn’t switched on.

There you go, 10 simple ways to help you lock down your smartphone.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: PCWorld.com

Mobile Security – How Good Is It?

There’s a lot of talk about mobile malware, but very little of it has actually reached your handset mobile securitybecause smartphones have turned out to be far more resilient to threats than PCs and laptops.

Sounds great, but it doesn’t mean you can just sit back and relax.

Of course, makers of security software would like you to believe your device is vulnerable and many companies that allow you to bring your own device to work would rather you had some sort of protection. After all, a dodgy app spewing out text messages and running up a huge bill is one thing, but if it leaks company passwords, customer data etc., that’s something entirely different.

However, researchers at the Georgia Institute of Technology (working with the security firm Damballa) surveyed 2 networks with some 380m users and found evidence of malware infection in fewer than 3,500 phones – that’s just 1 in 108,000.

Why so few?

Well, mobile phone users are rarely ‘administrators’ so they unlikely to tinker with the settings of their device’s operating system. Plus, most users download apps from one of 2 official sites: Google’s Play Store or Apple’s App Store. Both are pretty well policed.

But for those tablets and mobiles used at work, the biggest danger comes not from malware, but from data leakage caused by employees losing their devices, meaning the greatest threat comes form the employees themselves.

The moral therefore is to ensure you only ever download apps to your mobile device from one of the office app stores and that you take care not to lose your phone, be wary of malicious emails and text messages and never pass on sensitive information.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.