Massive Mobile App Fraud Kicks Off Black Friday Cyber Exploits

Posted by Greg Mancusi-Ungaro

Mon, Nov 07, 2016

Just as the cyber-election manipulators are finishing their work, the "for-profit" population of on-line fraudsters are coming online -- launching their efforts to bilk the public between now and November 25, Black Friday, the peak of heaviest online shopping day of the year.

Mobile app fraud is dominating the first wave of this year's Black Friday cyber attacks. First reported in the New York Post, and further reported in the New York Times, a slew of imitation and copycat mobile apps have appeared online in the last few weeks - parodying trusted brands such as Dollar Tree and Foot Locker, iconic stores like Dillard’s and Nordstrom, online retailers like Zappos.com and Polyvore, and luxury-goods purveyors Jimmy Choo, Christian Dior and Salvatore Ferragamo.

What makes this wave of fraudulent applications different is the targeted platform: Apple's iOS.

Historically, the bulk of fraudulent mobile apps detected and analyzed by BrandProtect and other vendors have appeared on various android platforms and have been distributed via third party and offshore app stores.  Not so with these rogue apps -- these have been discovered on the official Apple App Store.

Read More

Topics: black friday, mobile app monitoring, cyber monday, mobile malware, CISO, External Threat

New FFIEC Guidance Highlights Mobile Banking Risks

Posted by Greg Mancusi-Ungaro

Thu, Jun 09, 2016

The FFIEC has just published new examiner guidelines focused on institutional risks arising from mobile banking technologies and practices. Financial Institutions are now likely to face tough questions about their security practices around mobile apps, and mobile banking websites and infrastructure. This new guidance applies to all FDIC institutions, including those with assets less than $1Billion.

From the April FFIEC Guidance on Mobile Banking:
  • The appendix emphasizes an enterprise-wide risk management approach for effectively managing and mitigating the risks associated with mobile financial services.
  • The appendix discusses the technologies used in the mobile delivery channel, elevated risks that may result, and appropriate controls implemented by institutions or third-party providers.
  • The appendix contains a work program to assist examiners in determining the risks posed by an institution’s mobile financial services and assessing the controls that have been implemented to mitigate those risks.

For the first time, the FFIEC is emphasizing that institutions gain visibility to and understanding of ALL mobile apps and mobile banking infrastructure that appear to be related to the institution. Some of these will be legitimate, implemented and authorized by the institution. But others will have been deployed by cyber criminals to attack the institution, the institution's customers, and the institution's partners.To help CISOs and security teams better understand the guidance, and to provide useful strategies for addressing these new security requirements, BrandProtect subject matter expert Dylan Sachs will review the recent guidance in a free one-hour webcast schedule for June 23, 2016 from 1:00 - 2:00 p.m.

Read More

Topics: mobile app monitoring, cyber threats, Chief Security Officer, bankSMART, FFIEC

Viewpost Chooses BrandProtect

Posted by Greg Mancusi-Ungaro

Wed, Dec 02, 2015

Viewpost® Selects BrandProtect™ to Secure Complex Attack Surface

Payments Marketplace Provider Required a Solution With Round-the-Clock Threat Monitoring and Mitigation to Protect Its Customer Information From Beyond the Perimeter Attacks

Read More

Topics: Malware, mobile app monitoring, Security, Social Media Monitoring, Phishing, webinar, SMART, brandSMART, bankSMART, threatSMART

Are the mobile apps you and your customers downloading really safe?

Posted by Greg Mancusi-Ungaro

Fri, Jan 23, 2015

Mobile App-based Threats Can Quickly Derail Your Brand

Mobile Apps are in the news. And they deserve to be. Mobile devices are driving a revolution in computing form factors and transforming digital commerce. Today, businesses aggressively use mobile apps to provide their customers instant connectivity to content, commerce and customer service. From banking and retail to insurance and entertainment, marketing teams are increasingly delivering mobile apps to drive carefully created brand experiences with their customers via these devices that are permanently on … and rarely farther away than a purse or pocket.

Read More

Topics: mobile app monitoring

Mobile Malware Explodes 614%! Is Your Brand Protected?

Posted by Adriana Tayraco

Fri, Jul 12, 2013

The latest Mobile Threats Report by Juniper Networks has thrown some alarming statistics. For instance, while mobile malware across all mobile platforms grew 155% in 2011, between March 2012 and March 2013 that number has escalated to a shocking 614% or 276,259 total malicious apps. There are over 500 third-party app stores containing malicious apps with incredibly low levels of accountability. Want to hear more? 73% of all malware is sending fraudulent premium SMS messages that can charge the unsuspecting user up to $10 every month.

Read More

Topics: Malware, mobile app monitoring, Phishing, mobile malware

Which Smartphone OS protects you, your organization and your brand the best?

Posted by Omri Benhaim

Tue, Jan 22, 2013


The debate has never been livelier and companies are still asking “Which OS provides the best security and management tools for my business”? In the beginning we only had to choose from 2 options: BlackBerry and iPhone. At the time the obvious choice was BlackBerry due to their enhanced security features. But over the last 4 years new OS systems have been released as well as the concept of BYOD (Bring your own device) to work and the OS debate has been reignited. But why is it important you ask? There are 3 things to think about: Phishing, Malware and Brand Abuse. Phishing and Malware have become such a common occurrence these days that it is imperative that the OS system you choose provides the most secure and manageable email system as well as the most up to date and comprehensive malware protection system possible. Protecting private emails, texts and local documents on each employee’s phone prevents fraudsters from stealing that info which could allow them to learn financial, trade and development secrets which could be used to create fake mobile apps (abusing your trademarks) as well as providing them email addresses, contracts etc. which they could use for “traffic diversion”, “counterfeit activity” and “misrepresentation”. So which OS is best: Windows, Android, Apple or BlackBerry?

Windows:  As the Windows OS is still fairly new to the market it is hard to evaluate its performance in an enterprise context. Having said that, the OS itself performs well in general and has a similar security model as Android while providing slightly higher security features and scrutiny.

Read More

Topics: Malware, mobile app monitoring, employees social media

Internet Reputation Management Guidelines Series: The Importance of Monitoring

Posted by Adriana Tayraco

Mon, Jan 21, 2013

Monitoring

Effective Internet reputation management is dependent on the ability to gain visibility into your Internet presence.  This requires understanding the particular “Internet ecosystem” involved.  The diagram below depicts the variety of ways brands are represented online, from its website through to the presence of associated marks on non-corporate sites, through to how they are being discussed in social media.  These are the areas to be monitored for true coverage. 

Read More

Topics: mobile app monitoring, brand abuse, Social Media Monitoring, brandprotect

INFOGRAPHIC: Black Friday & Cyber Monday Monitoring

Posted by Omri Benhaim

Mon, Dec 03, 2012

Black Friday and Cyber Monday 2012 are done, but the holidays are still upon us. Is your current monitoring platform enough?

Do you monitor your brand on Social Media? If you do then you have taken a big step in protecting your brand online, but social media monitoring is only one slice of the brand protection pie. Scammers employ various methods in an attempt to divert, confuse and steal from your customers, which, if left unattended tarnishes your brand’s reputation.

Read More

Topics: black friday, mobile app monitoring, Brand Protection, Domain Management, Copyright Law, Social Media Monitoring, cybercrime, trademark, cyber monday, online sales

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

  Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all