Mobile hackers holding phone users to ransom

Chris Hails warns that Android users are particularly at risk of cyber crime.

Mobile cyber crime is on the rise and people using Android devices are most at risk.

Chris Hails at Netsafe explains that cheap Android handsets available at most retailers are left behind by software updates that can't be installed on inferior phones.

"Ransomware is huge on mobile," he says.

READ MORE:
• Cybercrime not always an expert's game
• Herald Talks: Hon Amy Adams on cyber security

Google, says Hail, is well aware of the problem. There is currently 10 times more ransomware on Android devices than Windows or iPhones.

A well-publicised case hit New Zealand just last year. Android users were getting scammed with lockscreen ransomware that claimed to have come from the Police Cyber Crime Unit and included the GCSB logo. The ransomware would display a case number, IP address and would take contacts from the address book along with a picture of the user to appear legitimate.

An accompanying message said "You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape, etc)".

The user was asked to pay a fine of $200 to unlock the screen, or the selected contacts would be "interrogated".

Many people were scared by the threat of embarrassment and believed the message really was from the police.

These sorts of attacks typically come from overseas -- frequently Eastern Europe. People who pay up are not going to get their money back and those who delivered the ransomware are extremely difficult to prosecute. Symantec has called mobile cybercrime the "new cash-cow" for hackers.

In the scheme of things, Hails says, mobile attacks are more of an "annoyance" than a serious threat. The money demanded tends to be quite low compared to larger and more elaborate desktop scams.

Losing contacts and access to text messages can be damaging, but is nothing compared to a compromised corporate system.

To avoid having ransomware installed on your phone, users should keep internet contact on mobile to a superficial level by not clicking on advertisements, email attachments and so on. Never install apps that you are unsure about and be careful about what websites you use on your phone.

And if you do encounter lockscreen ransomware, turn your phone off and boot it in safe mode -- if you're unsure how to do that, google safe mode instructions for your phone model. Then find and delete the application. Restart your phone normally. If the ransomware is still there contact an expert.

Never pay the ransom. You could waste money for no reason.

If you have any questions on cyber security, email Francis Cook at francis.cook@nzherald.co.nz.