Trend data

With more people remote working from home due to COVID-19, the percentage of devices encountering dangerous Wi-Fi hotspots has fallen.

COVID Phishing

On March 24, all UK mobile networks started sending out a government message to customers with details of the new shutdown measures.

This message was intended to enforce protocols and mitigate the COVID-19 pandemic. Unfortunately, it was inevitable that look-alike phishing campaigns would emerge to take advantage of the initial broadcast message.

The mass confusion around what information is legitimate has created an environment where people are becoming more susceptible to phishing campaigns, particularly as messages stemming from actual government communications are being leveraged for scams.

Top Phishing Domains

Uk-covid-19.webredirect.org, Hmrc-cov19.payment.estrodev.com:
The COVID-19 pandemic has caused widespread uncertainty and panic, and we’ve seen a number of phishing sites pop up.

Securej.account.logins.origin.secure-account-c0-uk.monster
(Argos Imitation): This domain was mimicking the Argos website, a UK-based catalogue retailer. With the pandemic causing people to panic-buy appliances and other goods, this type of scam could have a large reach.

Gb-supportcentre.info (Revolut Imitation):
Revolut, a financial tech company, recently reported that a small network of scammers had launched a campaign where they posed as Revolut support agents. The important thing to note is that Revolut only provides support via its in-app chat feature.

Three.co.uk-validate.live (Three Imitation):
This domain, posing as a British telecomms company, was encountered via a smishing campaign, with the message: “Your contract payment is due but we’re having trouble validating your details,” using the threat of ‘service suspension’ to pressure victims into handing over their details.

Android devices are 26x more likely to be infected with malware than iOS Devices.

Top 5 Leaky Apps

1 | Living Earth (Location)
2 | TaxiMilano (UserID and Password)
3 | Night Sky 2 (Location)
4 | Chess – Play & Learn (Email)
5 | Rightmove Property Search (Email)

April’s security news you may have missed

Data Science Monthly

Our Data Science team has been investigating the use of permissions in malicious applications. Here you can see the top 24 permissions that malicious applications ask for. The size of each bar represents what proportion of all applications request the given permission. While some common staples, like access to the internet, are requested by nearly all apps, there are some permissions such as `SEND_SMS,` which very few safe applications ask for, yet 74% of malicious applications try to access.

Learn more about how Wandera can help your business

If you’re interested in a personalized demo of Wandera’s Security Suite or would just like more information, please visit:

https://www.wandera.com/contact/