In recent times, Android users have been plagued by a persistent mobile phone cyber security threat: Mobile overlays. A type of Trojan cyber attack that can be used to harvest personal information and banking details, mobile screen overlays have been gaining traction since the end of 2019. Subtle, sophisticated, and often difficult to detect, cyber attacks of this nature can have serious, at times devastating, financial consequences for victims. For this reason, it is imperative that Android users take reasonable steps to protect themselves from overlay attacks.
To explain how this cyber threat to mobile phones and other devices works, we’ve teamed up with the cyber security experts at ESET. From the basics of mobile overlays to the best ways to avoid falling victim to them, read on to discover their top mobile safety tips.
Mobile overlays: An evolving threat
Think of mobile overlays as phishing attacks reimagined for the 21st century. While they’ve been a known cyber threat since 2018, their growing sophistication in recent years has made them increasingly difficult to identify. They can wreak significant financial havoc on victims before they are even detected, making them a real and very serious threat.
As their name suggests, mobile overlay attacks use malicious forms that are overlaid on top of genuine login forms to harvest users’ sensitive information. In most cases, the malicious forms will replicate their genuine counterparts so closely that users won’t think twice about entering their passwords and/or payment details. Once they’ve submitted this information, it is sent to the cyber attacker, who can then use it for nefarious purposes.
Also known as “clickjacking”, overlay attacks can be deployed on a range of social media apps including Twitter, Facebook, and even LinkedIn – making constant vigilance an absolute necessity.
Protecting mobile devices from cyber attacks
While clickjacking attacks are certainly cause for concern, a number of simple cyber security measures can help reduce your risk of falling victim. The following Android mobile security tips can protect you from cyber attacks of this nature and keep your personal and financial information secure.
- Look at all forms carefully
Before entering your login or payment details, do a once-over of the form and identify anything that looks out of the ordinary. As a rule of thumb, it’s a good idea to check that the font, brand colours, and logos (if any) are consistent with what you’ve previously seen, and that there are no typos or misspelled words in the form content. If you do spot anything that looks suspicious, exit the page and try again.
- Use strong, anti-phishing authentication methods
There’s a reason why good password hygiene appears on most lists of cyber security best practice: It works. To reduce your exposure to mobile overlay or clickjacking attacks, use strong passwords and anti-phishing measures such as a one-time pin (OTP). OTPs create a single-use encrypted token that protects your sensitive information and prevents it from becoming compromised in future.
- Ensure your device software is up to date
Keeping the software on your mobile device up to date is one of the best ways to protect it from cyber criminals. Always download software updates as they become available and ensure that you get them directly from the Google Play store, rather than from a third party.
- Install mobile security software
Purchasing mobile security software from a reputable provider is one of the best ways to protect your device from emergent attacks and secure your personal information in the event of theft. ESET® Mobile Security offers a superior level of protection for Android smartphones and tablets, with features including a Proactive Anti-Theft functionality, App Lock, and powerful antivirus capabilities.
Make protecting mobile devices a priority
In the modern age, the majority of mobile device users store all manner of sensitive information on their smartphones and tablets. From confidential personal data to access credentials for banking and other financial portals, cyber criminals are able to access a wealth of information in the event that they are able to breach a device’s security.
To learn how to protect mobile devices from threats beyond mobile overlays, visit ESET today to browse their wide range of cyber security solutions and discover the best one for your needs.