Cyber Security Today: A mobile app testing scam, British teen arrested and security updates to watch for

A mobile app testing scam, British teen arrested and security updates to watch for

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Last week I told you about a telephone credit card scam with someone pretending to be from Visa who says they might have to remotely connect to your computer to investigate a suspicious charge. A security researcher on Tripwire warns of a similar scheme. In this case the attacker tries to dupe people through an email into installing an app called AirDroid on their mobile phones by saying they’re looking to hire an application tester. They promise to pay you through your credit card for taking the time to test the app. AirDroid is a legitimate app in the Google Play Store that allows someone to remotely access your device. But in this scam the goal is to get you to authenticate the app using a phony password provided by the attacker. When you tell the the scammer your credit card number and the bank money should be transferred to, the attacker uses the remote connection to get the bank to send money to him or herself. A couple of lessons: There’s no reason to have a remote connection app on any computing device. Your smart phone isn’t a toy. Don’t download everything. And no one offers you a job over the Internet without strings attached. In this case, costly strings.

U.K. police say a 19-year old British lad pleaded guilty last week to emailing bomb threats to schools in the United States and the U.K. this year. In fact, while he was on bail he sent in a bomb threat to an American airline. The teen was apparently a member of a group called the Apophis Squad, which also launched denial of service attacks against the free encrypted ProtonMail email service – a service which they also used. The Squad claimed they could never be found by police. But with the help of ProtonMail, British police and the FBI at least one of the gang was identified.

Finally, if you use the virtual private network software from Proton or Nord you should update to the latest versions. Virtual private networks or VPNs hide your computer’s address from snoopers and encrypts data between web sites. But researchers at Cisco Systems Talos threat intelligence service found new vulnerabilities. These have been patched by both software manufacturers. And if you use the Firefox browsers, security updates are now available for them as well.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast