In today’s connected world, cyber threats can be present in almost any setting. They can be sitting on the desk in your child’s bedroom. Or on a family laptop you’ve connected to a free access point as you wait to board a flight. They can even be installed on the phone in your pocket. And these threats could ultimately lead to you becoming the victim of a data breach, trojan infection or worse.
Unfortunately, thanks to the financial incentives for scammers, too many of us will become victims of cyber crime. And one in three internet users say they’ve experienced cyber crime in the last 12 months, according to a 2022 F‑Secure survey (source: F‑Secure Simply Protected
Consumer Survey, December 2022).
Everything is financially motivated,
said Tom Gaffney, Director of Business Development, Network Services at F‑Secure. It’s all about money. So cyber criminals will go where the money is, and where the money is for them centers around volume and vulnerability.
So, we know cyber threats are out there. But what do they actually look like? And how do they affect their victims? In this post we reveal how three trending methods — infostealing, phishing and bad Android apps — are spread and operate in the wild. With the goal of showing you how to avoid and identify trending cyber threats before any serious harm is done.
Infostealers, also known as information stealers, have become the most common type of malware, with RedLine stealer being the most prominent cyber threats in this category.
Infostealers it the definition of a trojan, which is malware designed to mislead users by posing as legitimate software, such as a mobile banking app. And infostealers are also able to capture data such as account passwords, cryptocurrency details and credit card information.
How infostealing works
Criminals lure victims into installing infostealers by tricking them into clicking on malicious attachments or links, which — once a user clicks on them — unwittingly starts the installation. When running on the victim’s PC, the infostealer then collects targeted information and awaits further instructions.
Once installed, the infostealer will run silently, sucking up targeted data, including credentials stored on the browser, instant messages, screen captures and more. And the stolen credentials are then packaged up into logs
, before being sent back to cyber criminals, who will usually list them for sale on the dark web (although not all infostealing is financially motivated, with vulnerable groups sometimes targeted using such methods).
Dealing with infostealers
When it comes to infostealers, prevention is the best course of action, because — by design — infostealers are created to avoid detection; this means you should only download software from trusted and official sources, and avoid opening attachments and clicking links within messages from unknown senders.
However, prevention isn’t always possible, and you can gain added protection from infostealers via anti‑malware software such as F‑Secure Total, which will stop them installing or running on your devices. F‑Secure Total does this by recognising infostealers directly via their signatures
and suspicious behaviour. And it will also stop you visiting malicious websites that spread infostealers, using browsing protection.
Another way to ensure you stay secure is to choose security software with additional banking and shopping protections, which can spot fake websites and protect your connection to banking services.
In the event that an infection is found, change any passwords that may be stored in your browser, along with the login and password credentials for any services you’ve accessed through your PC, using a tool like F‑Secure’s strong password generator.
Phishing describes a cyber attack that tricks users out of private information, or convinces them to click on links or attachments that link to malware. The attacks are usually distributed via digital communication, including email, SMS and social media messages. And they rely on different tactics to build trust and create a sense of urgency with victims, who are ultimately lured into handing out sensitive information and money (or are tricked into clicking on a bad link).
How phishing works
Criminals start by establishing a realistic looking phishing site, email, SMS message or other form of digital communication; these often take the form of an update, warning recipients that their details have expired or a payment has been declined. Criminals then send these phishing messages to a large contacts list, usually based on breached, leaked or scraped data.
Because of the scale of phishing attacks, scammers only need to successfully dupe a fraction of the people they target. And once they do, the victim is directed to a real‑looking version of the site being simulated, where they then hand over their details or click on malicious links.
Dealing with phishing
If you’ve fallen victim to phishing then you should change any affected passwords. And if you’ve entered credit card details or financial information, contact your bank, and follow their instructions, such as cancelling your card or setting up a fraud alert on the account.
Unfortunately, you may not know if you’ve fallen for a phishing scam, so use a service like F‑Secure ID Protection to monitor if your data is on the dark web.
Cyber threats targeting Android devices are on the increase, and — according to F‑Secure infection hits
data — 32% of these are malware (with 66% qualifying as potentially unwanted apps, or PUAs, which, though less harmful than malware, can still slow down your device, collect data and affect functionality).
The line between potentially unwanted apps and malware can be blurry. However, malicious apps cross the line by taking over users’ accounts, with Android malware including banking trojans, such as SharkBot, which steals user credentials. And in recent months, threats including SharkBot have started to appear in the official Play Store.
How bad Android apps work
A common scenario is that someone is using an app such as SnapTube, a popular free Android video downloading app, and then sees an in‑app advert for a bad app like YoWhatsApp (an unofficial version of WhatsApp). Once installed, the app functions just like the official WhatsApp.
Unfortunately, the installation also grants the Triada trojan the same permissions as the app, enabling criminals to upgrade users to premium subscriptions without their permission. And their WhatsApp accounts are also at risk of being hijacked and used for carrying out other attacks.
Dealing with bad Android apps
If you think an app is tracking you or contains malware, delete it — especially if it didn’t come via the official store. To do this, open Settings in Android. Choose Apps & notifications
and See all apps
. Select what to uninstall and follow the instructions. If it doesn’t work, hold Power Off
for a few seconds to restart in Safe mode
and then try again.
There’s no need to worry about the latest cyber threats. With 30 years of experience, F‑Secure does all the hard work for you. And F‑Secure Total’s award‑winning technology protects against mobile attacks, phishing, infostealers and more.
You can try it for free for 30 days, with no credit card required.