Anita Li | mashable
“Loozon” and “FinFisher” are the latest known versions of this type of malware, according to the IC3, which investigates Internet-related criminal complaints. The organization is a partnership between the Federal Bureau of Investigation and the Nation White Collar Crime Center.
The malware lures victims in different ways. One advertises itself as a “work at home” opportunity that promises a lucrative payday just for sending out email; an attached link then leads to a website that spreads Loozon to its target, IC3 says in a release.
“The malicious application steals contact details from the user’s address book and the infected device’s phone number.”
FinFisher is spyware that can take over parts of a mobile device; when installed, phones can be “remotely controlled and monitored no matter where the target is located,” IC3 says. FinFisher can easily be transmitted to a smartphone when the victim visits a hyperlink or opens a text message that masquerades as a system update.
The organization also offers “safety tips” for mobile devices, including enabling encryption to protect personal data in case of loss or theft, installing apps that offer malware protection such as antivirus software, preventing connection to unknown wireless networks, and setting up a passcode.
Security breaches are becoming more common in the U.S., according to a recent study. One out of every four Americans had personal identification lost or stolen due to a data breach in the past year.