Due to the explosion in popularity for mobile devices, cyber criminals are now the creators of legitimate-looking apps that feature holiday shopping deals, participation in charity work and time-sensitive offers.
However, these often-free applications, once downloaded to your smartphone or tablet, may steal or modify your data.
Identity theft is a year-round problem, but fraud-prevention experts warn that the hectic holiday season is prime time for this crime.
As the holiday season comes into full swing, mobile phone users rely more on online banking transactions because of their busy schedules and because banks are closed for more days than in other months.
In addition, mobile users are generally unaware of the importance of security, and often assume mobile apps are safe for download. Such lax mindsets, as well as the low cost and ease in developing mobile malware, increase the threat of rogue apps.
Their cause will be helped by the lax security hygiene observed by most internet users, who download mobile apps onto their devices without considering what may be in them. These users believe that once an app is published on the app store, it is necessarily safe.
Unbeknown to them, however, is that there are many rogue apps today which secretly steal information from devices. Security researchers say that there are over one million Android-based questionable and malicious applications in the world.
Furthermore, most users do not see the importance of mobile security despite the amount of data, oftentimes sensitive ones, stored on their devices, which are fodder for fraudsters.
To cushion yourself against fraudsters, look into mobile apps carefully before downloading anything onto your mobile devices; check the comments section to confirm the app’s legitimacy directly with the parties the software claims are involved.
Mobile phone-based shopping and other transactions are often conducted over public Wi-Fi networks - at a coffee shop, mall, hotel or airport for example.
Those connections are often insecure and sensitive information like credit card numbers may be intercepted if transmitted unencrypted. Make sure you are connecting to websites using encrypted HTTPS connections.
Beware of suspicious websites. Identity thieves create bogus sites with beautiful graphics and amazingly low prices on popular but non-existent digital devices.
Take the bait and you won’t get your merchandise, and the crooks will have your credit card number and other personal information.
During the holiday season, you expect to get holiday eCards from friends and family. Identity thieves send out seasonal greetings, too. But theirs are loaded with viruses and other malware.
They use social media sites to send booby-trapped greeting cards that look like they’re from people you know. Don’t click the links in the body of an email alerting you to an eCard, and don’t open any attachment, unless you are certain of the source.
If you bank through the web or phone, make sure you are signed up to SMS alert so that you are alerted for every transaction.
Should you be asked for a user name and password after clicking a link on the web, try using a fake input on the first attempt.
The extra few seconds it takes to load confirms that the page is actually looking for valid username/password combinations. Usually, scam sites will let you right in regardless of what you type.
You can’t prevent identity theft. There are simply too many opportunities for the bad guys. But you can reduce your risk if you understand some the ways hi-tech thieves target you.
Sam Wambugu is a monitoring and evalua-tion specialist. Samwambugu@gmail.com