In May 2022, several cyber criminals in Dehradun managed to hack Instagram users and convince their followers to invest in cryptocurrency. The Times of India reported that multiple Dehradun residents were pulled into a fake cryptocurrency investment plan when their friends posted Instagram stories detailing how they’d made a fortune by investing in cryptocurrency. Wanting to do the same, victims like Shubham Nagliya lost Rs 53,000 after transferring the money to a bank account provided by a cybercriminal who was pretending to be his friend. Investigations on the matter are currently ongoing.
Cybercrime Activity on the Rise in India
Such phishing schemes are not new. According to Verizon’s Data Breach Investigation Report in 2021, ransomware breaches increased by 13 percent worldwide. The report analyzed over 87 organizations worldwide and found over 23,000 security and data issues. With millions of people working from home as the pandemic rages on worldwide, cybercriminals have chosen to target organizations and everyday humans.
It seems that cybercriminals are getting increasingly more persistent with their attacks. More than 40 percent of the cases highlighted in the Verizon report were caused by stolen credentials, while close to 20 percent of the cases were due to phishing activities. As Anshuman Sharma, Senior Manager and Head Investigative Response, APJ at Verizon, told the Indian Express, it’s relatively easy to deploy malware or ransomware. “You can go to the darknet, check what you want, pay for it, and you get it.”
If you think that only companies and organizations are prime targets for cybercriminals, think again. A few weeks ago, the Indian Computer Emergency Response Team (CERT-In) shared reports on severe vulnerabilities affecting several popular Apple products, including the Apple Watch, Macs, iPhones, and iPads.
CERT-in revealed that arbitrary code could exploit these vulnerabilities, allowing remote attackers to bypass security restrictions and potentially cause denials of service attacks. Apple is currently aware of the issues and has released security patches to fix them.
In the first quarter of 2022, India faced over 18 million cyber attacks and threats alone. Sixty thousand of these attacks were phishing attempts, while over 30,000 were tech support scams. As travel restrictions ease and more countries open up, these scams will likely continue to flourish as the year progresses.
Protecting Your Smartphone from Hackers
a) Create stronger passwords
To protect themselves against hackers looking to exploit these vulnerabilities, consumers are advised to secure their devices with strong passwords and avoid using some of the most common passwords worldwide.
Passwords are the first line of defence against hackers and other nefarious activities, so it’s critical to create strong and complex passwords that are difficult to crack. Always choose passwords that are more than 12 characters long and have a mix of symbols, numbers, and upper and lower case letters.
Password management systems like LastPass, Okta, and 1Password are also recommended because they offer robust security and take the hassle out of memorizing multiple passwords.
b) Use multi-factor authentication
When setting up passwords, make it a point to enable two or multi-factor authentication (2FA or MFA). Both types of authentication methods require users to input a password and another identifier like a fingerprint or face scan to verify a login. Alternatively, authentication apps like Authy and Google Authenticator can be linked to smartphones and are available to verify logins with codes.
c) Keep all apps and software updated
Cybersecurity experts often advise consumers to keep their apps and software updated to prevent hackers from exploiting vulnerabilities in older versions of software. New software or apps are generally accompanied by release notes that tell consumers what issues and vulnerabilities were discovered and fixed. Dedicated hackers are likely to keep up with news on these vulnerabilities and will find ways to exploit them.
d) Delete rarely used apps
The 2019 Personal Data Protection Bill, which looks to provide legal protection for the personal data of Indian citizens, has still not been passed in India. Currently, this means that tech companies worldwide could potentially track, store and share a user’s personal data without their knowledge.
To prevent this, it’s best to limit the amount of data and permissions apps on smartphones. Users should always try to delete apps that they’re no longer using or revoke access to certain things like photos and credit card details.
Alternatively, consumers can afford to be more discerning about the types of apps they’re downloading and the data they’re sharing with these apps. If allowed, avoid sharing unnecessary data like contact and calendar information.
e) Get an antivirus app
One of the best ways smartphone users can protect themselves is by downloading an antivirus app that can detect potential malware and threats from malicious third parties. Several major antivirus software brands also make smartphone apps that could help users stay protected.
As the world becomes more connected, it’s important for consumers to secure their devices and place cybersecurity at the forefront of their minds.