Cyber Security Today: Mobile phishing attacks, forget passwords and patch your Windows

Mobile phishing attacks on the rise, you may soon be able to forget passwords and patch your Windows.
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Friday April 13th.

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

 

Many people use mobile devices like smart phones and tablets. But in a new report security vendor Lookout Inc. warns they aren’t as well protected as company-controlled desktop computers.

Lookout did phishing tests of its customers with mobile devices between 2011 and 2016. Just over half of recipients clicked on a phishing URL sent to them. In fact, the company says, it’s easier to trick people into falling for phishing attacks on mobile devices than it is on PCs. One way is by making a phony app page, which hides the fake URL people might be looking for. The unwitting user clicks on a button to enter their password and is stung.

How can you protect yourself? If your company has a bring-your-own-device policy, ask about its mobile device protection. If it doesn’t have a policy, consider adding malware protection to your device. And be careful of links you receive not only in email but also in text messages and social media.

Using passwords to log onto sites and applications can be a chore, in addition to being risky — so many passwords to remember. It may become easier soon. SecurityWeek reports that Microsoft Edge, Google Chrome and Mozilla Firefox web browsers may be approved shortly to handle an upcoming password-less solution. A standard called Web Authentication has been built by the FIDO Alliance of software companies and the World Wide Web Consortium for browsers. It’s in the final stages of approval. Web Authentication has already approved for Windows, MacIntosh, Linux, Chrome OS and Android platforms. Solutions built on this standard will allow smartphones, fingerprints or eye scanners to be used to log into sites. Goodbye passwords, supporters hope.

Finally, this week Microsoft’s April Patch Tuesday saw the disclosure of 64 bugs, 24 of which were labelled critical, along with a bunch of fixes. That’s on top of a non-scheduled Windows update issued last week. Trend Micro notes this week’s patches cover problems with the way Windows handles fonts, a flaw in Microsoft Wireless Keyboard 850 that leaves an opening for a nearby hacker to read keystrokes and another bug that can let someone hijack a vulnerable system and modify or delete its data and programs.
So make sure Windows is set to automatically download fixes, or if you prefer to do it manually, make sure it gets done today.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, your Alexa Flash Briefing or wherever else you listen to podcasts. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast