Wednesday, September 9, 2015

Careful with vCards from WhatsApp: they can be a cheat

It is as easy as clicking on a vCard while we are on the WhatsApp web extension and an attacker can take control over our computer. It is the computer security new of the day together with some others, from which we have chosen; the phishing cost, a study about mobile security and an advise from the United State Security Service concerning how not trustful are payments when using our phone as a credit card.

Kasif Dekel, Check Point investigator, advised Whatsapp of their vulnerability the 21st of August, and the Enterprise has acted in a very assiduous way, offering a solution today for all their web clients. Anyway, this solution depends on an update of our mobile devices and, considering the chaos with the software update of mobile devices issue, we think that it may not arrive. Tens of millions WhatsApp users are in danger of receiving harmful vCards, so be really careful.

The cost of phishing for companies

The attack all WhatsApp users are exposed to is new to a technical level, but old to the criminal trick it allows: the traditional phising, where a person is tricked to allow a code execution in his device.  The Ponemon Institute has just published the results of a study concerning "The cost of phishing and the value of the employees training", where it can be shown crystal clear the economic impact of it.

Malware from the Factory

We don´t leave the mobile phone world, due to the insecurity it causes to us. Another study that we have found today focuses on the main problems of the sector, being malware the first and his main victim Android: if we keep at this pace, in 2015 there would have appeared two millions new viruses for this operating system. Other big problems are the apps that secretly monitored what we do and the malware pre-installed at the factory. The study offers an interesting list of infected models.

Thieves love NFC

Just in case we dont have enough with these, the United State Secret Service has published a report where it advises from the increasing criminal activity on the Near Field Communication (NFC) payments, for the fraud commission. Thieves are using stolen personal information in order to create fake accounts on phones with NFC and doing illicit transactions. 

If this is not enough for us to throw our phones to the river, is that we really are sticked or that, despite all, phones are extremely useful for us. Anyway, until they become a consolidated technology we should be careful with them.


Post a Comment