Mobile devices

A gold mine for cyber criminals' exploitation


robert-holtfreter-80x80.jpg   Taking Back the ID: Identity theft prevention analysis

Susie Franklin was a successful broker at a big Wall Street financial firm. Through the years, she established a long list of clients, colleagues and friends. To keep in touch, she purchased a state-of-the-art smartphone. Susie's friends convinced her to use it to do most of her banking online. She enjoyed the simplicity and convenience of online banking with her smartphone, but one day she noticed money was missing from her account. She contacted her bank, which determined that she hadn't authorized a $2,000 withdrawal. She then knew that she was an identity theft victim. 

This case is fictional, but it's representative of a new wave of identity theft with the proliferation of mobile devices such as smartphones, tablet PCs and e-readers that consumers, businesses and government agencies have adopted to transact business, including mobile banking. Cyber criminals go where the money is, and they've reacted quickly to exploit the spread of the mobile banking arena as a profit center. The mobility of laptops led to an exploitation of personal data through loss and theft, but the movement to smaller portable devices represents a much larger opportunity for cyber criminals to exploit data. 


How do cyber criminals exploit mobile device activity, especially the mobile banking variety? This is how Gordon M. Snow, assistant director of the FBI's Cyber Division ("Statement Before the House Financial Services Committee, Subcommittee on Financial Institutions and Consumer Credit," on Sept. 14, 2011), explains it: 

Cyber criminals have successfully demonstrated man-in-the-middle attacks against mobile phones using a variation of ZeuS malware. The malware is installed on the phone through a link imbedded in a malicious text message, and then the user is instructed to enter their complete mobile information. Because financial institutions sometimes use text messaging to verify that online transactions are initiated by a legitimate user, the infected mobile phones forward messages to the criminal.

Cyber criminals are also taking advantage of the Twitter iPhone application by sending malicious "tweets" with links to a website containing a new banking Trojan. Once installed, the Trojan disables Windows Task Manager and notifications from Windows Security Center to avoid detection. When the victim opens their online banking account or makes a credit card purchase, PII (personal identification information) is sent to the criminal in an encrypted file.

A man-in-the-middle attack (also known as faked/spoofed websites, website spoofing and pharming) involves a cyber criminal who uses a fake website to move and monitor information between an organization — such as a bank — and a consumer. In essence, the cyber criminal is in the middle of a transaction between a consumer and an organization with neither party aware that the fraudster is illegally monitoring the transactions. The criminal, who's secretly monitoring every keystroke between the consumer and organization, compromises personal identifiable information (PII) such as account material, usernames and passwords.

Pharming, also known as spoofing and DNS poisoning, is a high-level cyber scheme for conning individuals into exposing PII such as credit/debit card info, Social Security numbers and other financial account information. Although similar in design to phishing, pharming involves more risk because a click on a link in an email message isn't necessary to initiate the scam. The scam uses malware or spyware to move the victim from a legitimate website to a fraudulent one.


For full access to story, members may sign in here.

Not a member? Click here to Join Now and access the full article.
  You must be logged in to leave a comment...
  • Avatar

    I just got to this amazing site not long ago. I was actually captured with the piece of resources you have got here. Big thumbs up for making such wonderful blog page.
    Property in Turkey for sale
    Real Estate in Turkey for sale
    Cheap Property in Turkey

  • Avatar

    I really love the quality writing as offered on this post, cheers to the writer.
    first republic home warranty
    total protect home warranty

  • Avatar

    I have already been browsing on-line greater than 3 several hours lately, yet When i by no means found virtually any fascinating article including yours. It is beautiful price enough with regard to me. convert psd to wordpress

  • Avatar

    Houston Audio Visual services and rentals, at we know there are plenty of things to worry about when planning a meeting or event, and your audio visual needs shouldn’t be one of them. Whether you need a flawless webcast, full audio visual services, or AV equipment rentals for conferences, meetings, wedding events or private parties in Houston, we are your AV company. We have provided professional AV services throughout the Houston metro area since 2005. We offer the best rates and have a reputation for reliable quality service. Whether your event is Houston inside the loop, The Woodlands, Katy, Sugar Land or Clear Lake, we are your AV company. Looking for a personal rental for a home event? Yes, we have self pickup and self return options for your personal AV rental needs. Low prices, reliable professional service, audio visual equipment

  • Avatar

    "Straplan Limited is a leading business management consultancy which helps businesses within a range of different sectors of all sizes. Our ethos is to provide a service much more than just what you would expect from a management consultancy. We incorporate an ‘everything is connected’ policy, this includes management consulting, coaching, training and recruitment. We are here to ensure that your business can streamline its working processes and by working smarter you can achieve greater profits and business growth as a result.
    Our business management consultancy solutions focus on your organisations primary priorities such as:
    • Business sustainability and Growth
    • Profit Maximization
    • Increasing Business Efficiency
    All of our services lead towards at least one of those overriding goals." management consultancy​ UK

  • Avatar

    A cash enhance is what is more a high attention loan typically taken out on a credit score cards or a history of credit score from a bank. Interest on a cash enhance begins accruing directly upon disbursement. wedding songs

  • Avatar

    American Mary is a retail cannabis store in Seattle, Washington (Wallingford/University District) located just West of I-5 and 45th Ave across from Wine World where you've got a free parking spot just for you. Our marijuana dispensary is open every day of the week for individuals who are 21+ Legal marijuana seattle

  • Avatar

    We specialize in Clarity Enhanced and Non Enhanced diamonds as well. We provide Large diamonds at HALF the price of Non Enhanced diamonds. Family owned and operated over 40 years. Please contact us for details. how much are 2 carat diamonds

  • Avatar

    I found so many entertaining stuff in your blog, especially its discussion. More Help

  • Avatar

    A good example of content presentation. Thanks for sharing this information. Keep blogging. MSA 10107602

Add Comment

Text Only 2000 character limit