How mobile ransomware works
While most ransomware attacks have taken place on computers, as mobile devices become more prevalent in the workplace, cyber criminals have begun shifting their focus to creating malware that can infect any type of device and compromise its data. This article can help you learn about mobile ransomware and how partnering with cybersecurity service providers like Mimecast can help protect your and/or your organizations’ mobile devices.
Cell phones are just as vulnerable to ransomware as any other device. Cyber criminals would take interest in infiltrating a cell phone for several reasons:
Hijacking contacts
Cyber attackers who gain access to a user's contact list could have access to names, addresses, phone numbers, and other protected information.
Once attackers gain access to your contacts list, they can then use your contacts and credentials to send text messages with malicious links to malware to other users and devices.
Banking apps and information
One of the most common reasons cyber criminals target individual cell phone users is to gain access to their bank accounts via mobile apps.
Employees in large organizations who manage bank accounts or have access to company credit cards may also be prime targets.
Therefore, it can be helpful to have an email continuity service that supports mobile email management. Mimecast’s email continuity service provides users with uninterrupted access to email from their personal devices, even when email servers are down.
Smishing
A word that combines SMS messaging and phishing, Smishing is a method cyberattackers use to send malicious links via text messages, sometimes after infiltrating a victim's contact list.
iPhone ransomware example
In May of 2014, many Apple users in the UK and Australia suddenly found their devices locked up. The price to restore access was $100.
Eventually authorities in Russia discovered two young cyber attackers in Moscow who were behind the attack. They had used a phishing technique, posing as an online video service that required users to enter their Apple IDs.
Once they had access to the devices, they were able to use the "find my phone" feature to lock access remotely to all of the victims' affected devices.
Android ransomware example
The infamous ScarePackage ransomware attack reached over 900,000 Android users in just 30 days.
Victims downloaded what appeared to be anti-virus software that would scan their devices, but was actually installing ransomware. Once complete, victims received some variation of a message accusing them of heinous offenses, such as distributing illicit materials or sending out bulk spam. The ransomware message claims that the FBI has locked the user’s phone and that the only way to unlock it is to pay a fee.
Many similar ransomware attacks have plagued Android users since 2013, and the pattern continues as ransomware becomes more sophisticated and disguises more believable.
How to protect your phone from ransomware
One of the most fundamental and important ways to protect your phone from ransomware is to partner with the right cyber security service provider, such as Mimecast. Together, we can keep your mobile devices and organization protected from ransomware.
One component of keeping mobile ransomware at bay is security awareness. Mimecast offers security awareness training that can empower individuals in your organization to recognize potential mobile ransomware threats and respond appropriately.
Mimecast integrates its secure email services seamlessly across all devices, including phones that belong to your organization and email applications that travel with employees. No matter where members travel, they can safely communicate and have suspicious links monitored remotely, all while data is backed up in our secure cloud-based system.
Try on Mimecast for your organization by getting a customized plan and quote.