3.1 Threats to your assets
As you have already seen, for many the threats are most likely to arrive as emails or attached to emails. Another significant threat comes from apps for mobile devices that are not what they seem. In 2019, Sophos reported apps that hide their icons and use other tricks to prevent the user uninstalling them while aggressively displaying advertising.
Other examples reported include:
- Many utility apps don’t initially contain malware but include the code to download and install malware from elsewhere. This extra code installed may be designed to collect your banking details, or lock you out of your phone until you pay the criminals.
- A VPN client that installs a trojan designed to capture banking details.
- Fleeceware – apps that pretend to offer a free trial for some simple function and ask you to provide banking details first. Even after uninstalling the app, users still get charged a large amount unless they explicitly cancel the trial.
You can find up to date Sophos reports at: https://news.sophos.com/ en-us/ tag/ android-malware/ [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)]
For the final activity this week you’ll update your own list of cyber threats.
Activity 5 Your threats
Update the list of information assets and online activities you compiled in Taking stock of your information assets. Add any threats that are relevant to your assets.
Save this list to use later in the course.
Next, you have a chance to review your learning in the end-of-week practice test.