Android users are targeted in a phishing campaign that will infect their devices with the Anubis banking Trojan that can steal financial information from more than 250 banking and shopping applications.
The campaign uses a devious method to get the potential victims to install the malware on their devices: it asks them to enable Google Play Protect while actually disabling it after being granted permissions on the device.
Phishing Attack Disables Google Play Protect, Drops Anubis Trojan – Android users are targeted in a phishing campaign that will infect their devices with the Anubis banking Trojan that can steal financial information from more than 250 banking and shoppi… https://t.co/XXf2LTQzW2
— G & R Computers (@GRComputers) February 6, 2020
Firstly organisations need visibility into potentially vulnerable Android Operating System versions and risky configurations for all devices accessing business data. By taking an active approach to mobile vulnerability management, enterprises can reduce the potential attack surface. Secondly, employees need to be aware of the dangers and prevalence of mobile phishing attacks. Lookout has observed that 1 in 50 mobile devices in the enterprise encounters a phishing attempt daily. Phishing attacks may target credential theft, or as in this case, attempt to persuade users to install additional malicious applications.
With over 83% of phishing attacks coming outside of email, it is not enough to rely on traditional email security. To protect against mobile phishing requires mobile endpoint security on the device itself. This can also keep employees safe from harmful apps and compromised WiFi networks. In addition, employees can limit their own exposure by always installing the latest OS patches, keeping apps up to date, and only installing apps through reputable app stores.
When protecting BYOD devices, organisations should look into Mobile Threat Defense solutions that can balance the need for user privacy with the right level of enterprise security. This differs from the traditional approach whereby organisations would try to actively manage all user devices, often seen as intrusive and limiting by employees. Today it is possible for organisations to deploy non-invasive security that protects user privacy and freedom of use, while still ensuring that only secure devices gain access to corporate data.