JavaScript disabled. Please enable JavaScript to use My News, My Clippings, My Comments and user settings.

If you have trouble accessing our login form below, you can go to our login page.

If you have trouble accessing our login form below, you can go to our login page.

Cyber criminals target mobile users, social media

Date

Zoom in on this story. Explore all there is to know.

Mobile devices ... increasingly targeted by cyber criminals.

Mobile devices ... increasingly targeted by cyber criminals.

Australia's top cyber cops are warning that social networking sites such as Facebook are increasingly being targeted by cyber criminals as a way to steal internet users' money.

The growing commercialisation of social media through links to online trading such ''buy, swap and sell'' sites means cyber crooks now have a strong motivation to hack people's account details, police say.

In an interview with Fairfax Media, the Australian Federal Police's manager of cyber crime operations, Commander Glen McEwen and Melbourne team leader Federal Agent Scott Mellis outlined a range of new threats facing web users.

These included vicious ''form-grabbing malware'' that can steal large amounts of personal data, as well as complacency about the security of mobile devices, which most people do not protect with anti-virus software, even while using their phones to do banking.

One particular emerging threat was the growing link between social networking and online trading known as ''buy, swap and sell sites'', Mr Mellis said.

''You sign onto those sites with your Facebook account and, as a result of that, you start using those platforms for trade,'' he said. ''There's going to be money involved and hackers will be interested in getting inside those.''

This includes malware attacks that steal payment details through social networks or tricks users into handing over those details, he said.

''I had a friend the other day wanting to use a local 'buy, swap and sell' network and they needed a Facebook account to actually get onto it, so that's an example of how this sort of trade is coming into the social networking space.

''My team has seen this as something that's rising out of the surface at the moment. I do see it as a trend.''

Previously there had been little incentive for anyone to hack into social networking sites, other than to get the personal information of another user.

Another threat Mr Mellis said is ''definitely a trend'' is mobile device malware. While most people today carry smartphones, few people thought about anti-virus protection for those devices in the same way they protect their computers.

''They don't think of [smartphones] as computers so therefore they don't put an anti-virus on them. They can be compromised as easily as your computer can be compromised. And people do their banking on these now.

''Why would you do your banking on a phone but not use an anti-virus?''

Mr Mellis said people should explore the options for securing their phones.

''I'm not in the business of scaring people but it's a good idea to see how you can defend your data because you're accessing very, very sensitive information on your phone.

''Criminals exploit the path of least resistance, which makes mobile platforms a target.''

Commander McEwen said most cybercrime was preventable, though it ''could take a whole generation for people to become technically savvy enough and aware to implement such safety measures''.

People need to think of cybercrime in the same way crime is thought of in the real world, he said. A ''distributed denial of service'' attack – crashing a major system – was akin to a major arson attack, while theft of bank details was a robbery.

''It's a challenge for law enforcement to demystify what the cyber world is about. It's all the commission of crime,'' he said.

 

Security tips

* Maintain current anti-virus software that is obtained from a reputable source and is regularly updated.

* Make sure your operating system is updated to ensure any security vulnerabilities are mitigated.

* Use strong passwords to protect personal information.

* Passwords should also be kept secret and changed regularly.

* Limit the amount of personal information placed on the internet.

* Do not provide financial or other personal information to people you do not know and trust.

* Never click on links contained within spam or unexpected emails.

Anyone who believes they are a victim of a scam should report it to SCAMwatch on 1300 795 995 or go to scamwatch.gov.au.

8 comments

  • Anti-virus for my walled iOS garden... apps in iOS are forbidden to gain access to data outside of their own sandbox... if Apple does detect any malware it will be removed from the App Store immediately too, the only way something may possibly go wrong is if you jailbreak your device, otherwise iOS is setup in a way which makes it remarkably difficult for anyone to steal your information from the device itself. Snooping your network activity for insecure connections is still doable obviously. Might be worth confirming in the article that this rarely ever applies for standard iOS devices. Android I definitely would see the point in anti-virus though.

    Commenter
    Zen
    Date and time
    February 08, 2013, 2:24PM
    • so @Zen are you saying iOS users don't have to worry about security, just like Mac users? Let's not kid ourselves here, Apple has had some monumental issues, most recently the ability to get in to the iPhone passbook information via the lock screen without having to use a PIN. The worse part is, this is the second time this has occurred on iOS, Apple just didn't learn from the first incident.

      My advice to people, no matter what the device, if you have any personal information on it take every step to protect it.

      Commenter
      Noel
      Location
      Sydney
      Date and time
      February 09, 2013, 7:10AM
    • The reality is most iOS users do jailbreak their iPhone so they can get the full benefits of the device. The philosophy of having protection is always better than none holds true here. One would assume that they would be more confident using a device with protection over one with none for sensitive tasks, e.g. banking. Remember the virus-free advert. apple kept selling to others about their range of Mac PCs? They can't claim that anymore as there are viruses targeting that platform. The only risk free device is the one not connected to the internet.

      Commenter
      Julia
      Date and time
      February 09, 2013, 9:15AM
  • I voted No because I use a Nokia N9 which would be immune to most virus/trojans running about the network. If I was running Android, WinPhone or iPhone I would deploy some extra defences... also I don't do anything that concerns money etc on a phone.

    Commenter
    DigiGuy
    Location
    BrisVegas
    Date and time
    February 08, 2013, 6:15PM
    • Apple doesn't require separate antivirus software.

      Commenter
      James
      Date and time
      February 08, 2013, 8:47PM
      • @Zen - are you serious? Or maybe you are a hacker group targeting Apple? Just one little bug = an opening for a virus, sandboxed or not. There's always someone smarter than you (not you personally) out there. Any system is hackable...
        Another big security point with android is the totally uncoordinated approach in pushing out updates. Google need to do something so these updates get out quicker so people aren't relying on slow manufacturers and telcos to "rebrand" and "test" updates on their networks.

        Commenter
        Jack
        Date and time
        February 09, 2013, 7:42AM
        • Nonsense, Apple has a terrible record of malware, jailbreaks etc. The tighter they try and control things the more they slip through.
          Ultimately its up to the User to learn how to use their device correctly.

          Commenter
          James
          Date and time
          February 09, 2013, 8:42AM
          • Reply to Zen.
            You are correct that apple does a good job of keeping malware off of their devices. However most people receive emails on their iPhone and the same "sand boxing" you mention also prevents security software from scanning links before they are opened in Safari ( the apple web browser) phishing and fraud emails are a huge issue, and apple users are particularly at risk because they cant easily integrate a security app onto their device. It is important for mobile phone And tablet users on all platforms to be vigilant and apply common sense as well as trusted security products.

            Commenter
            Greg
            Location
            Sydney
            Date and time
            February 09, 2013, 9:28AM
            Comments are now closed