March 2016

Beware downloading some apps or risk “being spied on”

It was reported the other day that Google had removed several Apps from the Play Store because they were associated with terrorist organizations.

Popular apps on your smartphone can be convenient and fun, but some also carry malicious software known as malware, which gives hackers easy access to your personal information. A security firm found that between 75 and 80 percent of the top free apps on Android phones or iPhones were breached. The number jumps as high as 97 percent among the top paid apps on those devices.

Whether these apps help advertisers target you or help hackers rip you off, you’ll want to do your homework before downloading apps, reports CBS News correspondent Anna Werner. California’s Susan Harvey said she was a victim after she used a debit card to download a slot machine game app to her cell phone through a Google Play store account.

“It was something you purchased once, for like $15,” Harvey said.

 

When she went to reload the game, she found hundreds of purchases had been made — by her math, more than $5,000 worth of transactions.

“My heart sank, I just sat there looking at it… I physically, I was sick, because I didn’t know what they were,” Harvey said.

That story’s no surprise to cybersecurity expert Gary Miliefsky, whose company SnoopWall tracks malware. He said certain apps are designed to steal your personal information.

“What are the consequences for me as a consumer?” Werner asked.

 “You’re gonna lose your identity. You’re gonna wonder why there was a transaction. You’re gonna wonder how someone got into your bank account and paid a bill that doesn’t exist,” Miliefsky said.
Milifesky said when you download an app, you also give permission for it to access other parts of your phone, like an alarm clock app that can also track phone calls.

“You think an alarm clock needs all those permissions? Access to the Internet over wifi, your call information, calls you’ve made, call history, your device ID? This to me is not a safe alarm clock,” Miliefsky said.
And there’s the weather and flashlight apps that he says exploit legitimate banking apps to capture information, as he showed us in a demonstration of what could happen when someone takes a photo of a check to send to their bank.

“The flashlight app spies on the camera and noticed the check and grabbed a copy of it. Shipped it off to a server somewhere far away,” Miliefsky said.

 Last year the group FireEye discovered 11 malware apps being used on iPhones that gathered users’ sensitive information and send it to a remote server, including text messages, Skype calls, contacts and photos Apple fought back by removing the apps and putting stricter security measures in place.

“They get at your GPS, your contacts list…to build a profile on you,” Miliefsky said.

 

Some apps are simply collecting information for advertising purposes. In 2014, the Federal Trade Commission settled a lawsuit with a company over its popular Brightest Flashlight app, alleging it transmitted consumers’ personal information to third parties without telling them. But Miliefsky said he’s found another flashlight app that can do much more troubling things.

“This one turns on your microphone in the background, listens in on you, and sends an encrypted tunnel to a server we discovered in Beijing,” Miliefsky described.

“You’re saying that they’re actually listening to people’s conversations and sending that audio back to Beijing?” Werner asked.

“Yeah, we’ve tracked it. I can show you where it does it,” he said.

Miliefsky said it can be traced to a few blocks from Tiananmen Square on Information Drive in Beijing. He gave a report on that app to the FBI.

His recommendation?

“We really have to look at our phone and say, ‘This is really a personal computer that fits in our pocket. Let’s shut down all the apps we don’t use. Let’s delete apps that don’t make sense and reduce the risk of being spied on,'” Miliefsky said.

The creator of the Brightest Flashlight app settled with the FTC, agreeing to change its policy and delete all the information it had gathered. Harvey sued Google over her alleged hack, but a judge recently dismissed it, saying she and her attorney filed too late. Google said fewer than one percent of Android devices got bad apps in 2014.

© 2016 CBS Interactive Inc. All Rights Reserved.

 

Tech Tips are Brought to you by

LIASB Technology Co-Chairs,

Joy Graceffo – Long Island Essential Software & Training Joy_Graceffo@liesoftware.com

Fred Dunwoody – FJD & Associates fdunwoody@fjdassociatesinc.com

June 2017

Landing Page Best Practices

You only have about 6 seconds to grab someone’s attention and then they are on to the next thing. Here are some tips for creating compelling landing pages that will entice them to take action.

Read more

May 2017

Ransomware attacks

The world's biggest cyberattack has hit at least 150 countries and infected 300,000 machines since it started spreading last Friday.

The victims include hospitals, universities, manufacturers and government agencies in countries like Britain, China, Russia, Germany and Spain.

Read more

April 2017

Facebook Advertising

 More than 1.8 billion people use Facebook each month

In 1 out of every 5 minutes – people are using a smartphone on Facebook

Read more

February 2017

Social Selling - LinkedIn Navigator

We are in the era of Social Selling (using Social Media to sell).  We hear it everywhere.

Why does social selling matter?:

Read more

January 2017

Marketing on the Rise

Are you looking for a new upcoming way to market?

This technology is not new but is becoming increasingly popular and seems to be a great bang for the buck.

Read more

November 2016

Facebook Live What is it???

Facebook Live is a new feature of Facebook that is becoming a great marketing tool. It marks an important trend in the social media and mobile technology worlds.

Read more

October 2016

What’s in those Terms of Use?

How often do you really take the time to see what is in the terms of use statements? Most people are in a rush to get or update the app, use the software or join, they simply skim over or don’t even read it.

Read more

June 2016

LIASB Members Center

Welcome to the new LIASB Member Center where business gets done.

Read more

May 2016

Push Response

Google, Apple, and Firefox released new technology called Push Response which allows you to get more traffic and sales by sending messages directly to people’s computer desktops and to android mobile devices.

Read more

April 2016

Dangerous escalation in ransomware attacks

When Hollywood Presbyterian Medical Center revealed that it paid 40 bitcoins — roughly $17,000 — in ransom to hackers who essentially held the hospital’s computer system hostage, it marked a dangerous escalation in the high stakes surrounding ransomware.

Read more

March 2016

Beware downloading some apps or risk “being spied on”

It was reported the other day that Google had removed several Apps from the Play Store because they were associated with terrorist organizations.

Read more