Connect with us

Featured

It’s a match! Threats disguised as dating apps in SA

Websites posing as legitimate dating apps are phishing users this Valentine’s Day, according to Kaspersky.

Published

on

With Valentine’s Day approaching, singles and couples alike are under intensifying pressure to solidify their plans for this Friday. While choosing the right partner is a matter of paramount importance, there is another matter that should be treated with care. Kaspersky’s analysis has shown that within 2019 the local region saw a circulation of 275 threats under the guise of over 20 popular dating applications in South Africa, with 4,451 attacks coming from them. This is 58% of the overall number of such attacks detected in all African regions (7,734).

Popular dating apps used worldwide, such as Tinder, Bumble or Zoosk, often become bait used to spread mobile malware or retrieve personal data to later bombard the users with unwanted ads or even spend their money on expensive paid subscriptions. Such files have nothing to do with legitimate apps, as they only use a name and sometimes copy a design of authentic dating services.

Notably, cybercriminals would most often choose Tinder to cover their files: this app’s name was used in nearly the fifth of all cases (54 files detected in South African). 

The danger these malicious files bring varies from file to file, ranging from Trojans that can download other malware to ones that send an expensive SMS, to adware, making it likely that every ping a user gets is some sort of annoying ad notification rather than a message from a potential date.

For instance, one of the applications that at first glance looks like Tinder is, in fact, a banking Trojan that constantly requests Accessibility service rights, and upon getting them, grants itself all rights necessary to steal money from the user. Another names itself as ‘Settings’ right after installation, shows a fake ‘error’ message and later disappears, with a high likelihood it will return with unwanted ads a few days later.

Cybercriminals who specialise in phishing also do not miss the chance to feed on those seeking to find love. Fake copies of popular dating applications and websites, such as Match.com and Tinder, flood the internet. Users are required to leave their personal data or connect to the applications via their social media account. The result is not surprising: the data will later be used or sold by cybercriminals, while the user will be left with nothing.

A phishing website under the guise of Tinder teases users to register and find a date

“Love is one of those topics that interests people universally, and, of course, that means that cybercriminals are also there. Online dating has made our lives easier and yet uncovered new risks on the path to love. We advise users to stay attentive and use legal versions of applications that are available in official application stores. And, of course, we wish you best of luck finding the perfect date for this special day”, comments Vladimir Kuskov, head of advanced threat research and software classification at Kaspersky.

To avoid cyber risks ahead of Valentine’s day, Kaspersky recommends:

  • Always checking application permissions to see what your installed apps are allowed to do  
  • Not installing applications from untrusted sources, even if they are actively advertised, and block the installation of programs from unknown sources in your smartphone’s settings
  • Finding out more information about the dating website you are planning to visit: look into  its reputation on the internet and try to find user feedback
  • Using a reliable security solution like Kaspersky Security Cloud that delivers advanced protection on Mac, as well as on PC and mobile devices

To use dating apps safely, Kaspersky recommends:

  • Avoiding sharing too much personal information with strangers
  • Making sure that the person you are meeting is real, as fraudsters often use fake profiles for scams

Featured

SA’s Internet goes down again

South Africa is about to experience a small repeat of the lower speeds and loss of Internet connectivity suffered in January, thanks to a new undersea cable break, writes BRYAN TURNER

Published

on

Internet service provider Afrihost has notified customers that there are major outages across all South African Internet Service Providers (ISPs), as a result of a break in the WACS undersea cable between Portugal and England 

The cause of the cable break along the cable is unclear. it marks the second major breakage event along the West African Internet sea cables this year, and comes at the worst possible time: as South Africans grow heavily dependent on their Internet connections during the COVID-19 lockdown. 

As a result of the break, the use of international websites and services, which include VPNs (virtual private networks), may result in latency – decreased speeds and response times.  

WACS runs from Yzerfontein in the Western Cape, up the West Coast of Africa, and terminates in the United Kingdom. It makes a stop in Portugal before it reaches the UK, and the breakage is reportedly somewhere between these two countries. 

The cable is owned in portions by several companies, and the portion where the breakage has occurred belongs to Tata Communications. 

The alternate routes are:  

  • SAT3, which runs from Melkbosstrand also in the Western Cape, up the West Coast and terminates in Portugal and Spain. This cable runs nearly parallel to WACS and has less Internet capacity than WACS. 
  • ACE (Africa Coast to Europe), which also runs up the West Coast.  
  • The SEACOM cable runs from South Africa, up the East Coast of Africa, terminating in both London and Dubai.  
  • The EASSy cable also runs from South Africa, up the East Coast, terminating in Sudan, from where it connects to other cables. 

The routes most ISPs in South Africa use are WACS and SAT3, due to cost reasons. 

The impact will not be as severe as in January, though. All international traffic is being redirected via alternative cable routes. This may be a viable method for connecting users to the Internet but might not be suitable for latency-sensitive applications like International video conferencing. 

Read more about the first Internet connectivity breakage which happened on the same cable, earlier this year. 

Continue Reading

Featured

SA cellphones to be tracked to fight coronavirus

Several countries are tracking cellphones to understand who may have been exposed to coronavirus-infected people. South Africa is about to follow suit, writes BRYAN TURNER

Published

on

From Israel to South Korea, governments and cell networks have been implementing measures to trace the cellphones of coronavirus-infected citizens, and who they’ve been around. The mechanisms countries have used have varied.  

In Iran, citizens were encouraged to download an app that claimed to diagnose COVID-19 with a series of yes or no questions. The app also tracked real-time location with a very high level of accuracy, provided by the GPS sensor. 

In Germany, all cellphones on Deutsche Telekom are being tracked through cell tower connections, providing a much coarser location, but a less invasive method of tracking. The data is being handled by the Robert Koch Institute, the German version of the US Centers for Disease Control and Prevention. 

In Taiwan, those quarantined at home are tracked via an “electronic fence”, which determines if users leave their homes.  

In South Africa, preparations have started to track cellphones based on cell tower connections. The choice of this method is understandable, as many South Africans may either feel an app is too intrusive to have installed, or may not have the data to install the app. This method also allows more cellphones, including basic feature phones, to be tracked. 

This means that users can be tracked on a fairly anonymised basis, because these locations can be accurate to about 2 square kilometers. Clearly, this method of tracking is not meant to monitor individual movements, but rather gain a sense of who’s been around which general area.  

This data could be used to find lockdown violators, if one considers that a phone connecting in Hillbrow for the first 11 days of lockdown, and then connecting in Morningside for the next 5, likely indicates a person has moved for an extended period of time. 

The distance between Hillbrow and Morningside is 17km. One would pass through several zones covered by different towers.

Communications minister Stella Ndabeni-Abrahams said that South African network providers have agreed to provide government with location data to help fight COVID-19. 

Details on how the data will be used, and what it will used to determine, are still unclear. 

Continue Reading

Trending

Copyright © 2020 World Wide Worx