Avoid Malware on your Mobile Devices
It is important that you take every effort possible to protect yourself from malicious malware infecting your mobile device. Some forms of malware monitor your phone for the launch of a targeted mobile banking application and then inject a phishing layer over the legitimate applications’ user interface. Next it displays a fake login to steal your online banking credentials. Malware can even defeat the multi-factor authentication by intercepting SMS messages delivered to you with a one-time pass code. With this information the perpetrator has gained full access to your online banking account!
How do these infections occur?
Some of the ways that your mobile device can be infected with malware are:
- SMA or MMS phishing, to include message requesting the user to install malicious Adobe Flash Player software.
- Malvertisements or pop-ups from Websites prompting the user to download a malicious Adobe Flash update.
- Mobile applications downloaded from third-party mobile application platforms.
- Phishing e-mails.
What can I do to protect myself?
- Install mobile applications from trusted sources, and review the application vendor prior to download.
- Do not download software or applications from third-party application platforms or untrusted Web sites.
- Review application permissions during installation; ensure permissions requested are appropriate for the type of application being downloaded.
- Install and regularly update the Android operating system.
- Do not use jail broken Android devices (devices where the software restrictions imposed by the manufacturer have been removed) as such devices will not receive automatic updates.
- Install and regularly update anti-virus or anti-malware software on Android devices.
- Do not open or click on hyperlinks in SMS, MMS, or e-mail messages from unknown or suspicious sources.
- Do not open attachments included in unsolicited e-mails.
- Consider downloading an ad blocker to enable the device’s browser to block advertisements and pop-ups.
- Use only secured wireless connections to access the Internet, taking extreme caution when accessing public Wi-Fi connections.
- Set up account alerts in online banking so that you are notified when account updates occur. This can include login, transaction and balance alerts. The sooner you are aware of invalid activity the quicker you can stop it.
- If there are feature of online banking that you don’t use, such as external transfers or wire transfers contact the Credit Union. We can turn off these features so that they are not available. You will still see them on the menu in online banking but they will not work.
If you feel that you have been exposed to malware, and someone else may have obtained your login credentials, below are steps that you can take to prevent loss:
- Immediately change your login ID and password using a device other than your infected one.
- Contact the Credit Union at (540) 663-2181. We will work with you to resolve this.
- Assure that your infected device is cleaned of the malicious software.
- Assure that you have alerts set up in online banking to notify you when activity occurs.