A set of flaws affecting the world’s leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, has allowed threat actors to create legitimate-looking phishing URLs for the past three years.
While this vulnerability is particularly insidious due to its simplicity, it\’s not the first URL rendering issue to affect mobile devices. Between mobile browsers not showing full URLs in address bars, abuse of URL shorteners and hosting malicious content on trusted domains, mobile browsing is fraught with peril.
It\’s important to remember that just because apps tout \”end to end encryption\” and other privacy protection features, that does not mean that any content sent via the apps is automatically secure. At minimum, users should treat any unexpected messages from unknown senders with great suspicion. But really any links received over messaging apps can be problematic. Disabling \”link previews\” within the apps themselves also helps to limit exposure.
Another option to try and limit collateral damage is to use multiple browser applications on your mobile device. Set the default browser, the app that will open tapped links, to something not used for day to day \”manual\” browsing, so cookies and other sensitive information are not readily exposed.
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
LockBit often targets insiders as a way of hacking systems.…
The Financial system has a terrible number of interdependencies, and…
Notorious Russian cybergang Killnet has claimed responsibility for a cyberattack…
As Marc Andreessen said over a decade ago, "software is…
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics