This week’s security news takes a look at the danger of malicious apps, outdated software, mobiles and unprotected POS.
Bitdefender Labs has reported that over nine million registered users of Tinder could be at risk from a series of bots which have invaded the dating app and are now spreading dangerous downloads.
The malicious schemes attempt to lure users with tempting profiles and pictures, some using pictures stolen from an Arizona-based photography studio.
Kaspersky Lab has reported that a third of all phishing attacks are aimed directly at stealing money.
The firm’s research revealed that in 2013, 31.45 per cent of phishing attacks exploited the names of leading banks, online stores and online payment systems.
The most attractive targets were banks, which were used in 70.6 per cent of all financial phishing attacks, with Amazon.com the most popular cover for phishing attacks impersonating online stores – its name was used in 61 per cent of online trade-related phishing attacks.
In addition, Kaspersky found that phishers are increasingly using social networking sites – the number of attacks using fake Facebook pages and other social networking sites grew by 6.8 percentage points and accounted for 35.4 per cent of total attacks.
To further educate technology users on the danger of cyber attacks, Kaspersky has also launched an interactive cyberthreat map that visualises cyber security incidents occurring worldwide in real time.
Elsewhere, a F-Secure survey has suggested that many businesses are risking company assets by using outdated software.
The security firm reported that ninety-four per cent of small and medium size businesses (SMBs) it spoke to think it is important to keep software updated, but only 59 per cent of businesses stated that their software is always up to date – with 63 per cent blaming a lack of available resources for the outdated software.
Other risks are present for smartphone users: security specialist Avira announced today that it has added three features to its new premium Avira Antivirus Security Pro app to protect the 95 per cent of adults who currently use a mobile in the UK.
Mobile Point of Sale (MPOS) devices are also at risk, and can be easily hacked, leaving banks, retailers and millions of customers exposed to serious fraud around the world, claims security firm MWR InfoSecurity.
MWR Labs researchers have demonstrated that it is possible to compromise MPOS terminals with multiple attacking techniques using micro USBs, Bluetooth and a malicious programmable smart card.
Jon, head of research at MWR InfoSecurity, said: “What we have found reveals that criminals can compromise the MPOS payment terminal and get full control over it.
“This shows that card holders paying at MPOS terminals worldwide are potentially at risk. Banks and retailers should also be wary when implementing this technology as it could leave them open to serious fraud.”
According to Experian and the UK’s fraud prevention service CIFAS intheir Fraudscape report, the changing nature of identity-related crimes since 2009 has had a substantial effect on the demographics of fraud victims.
The report states that more financially-secure social groups are more likely to be victims of identity-related crimes. Most frequently targeted by identity fraudsters is the ‘Alpha Territories’ group (an average of 764 victims each year per 100,000 adult population) – the group consists of people with "substantial wealth who live in the most sought-after neighbourhoods".
Other common targets are the ‘Liberal Opinions’ group (513 victims per 100,000), who are "young, well-educated city dwellers", and the ‘Professional Rewards’ group (424 victims per 100,000) – said to be "experienced professionals in successful careers enjoying financial comfort in suburban or semi-rural homes".