Social Engineering Example from the East

Recently, a new threat called Android.Fakeneflic has taken advantage of gaps in the availability of a legitimate video streaming service in order to target mobile users in North America. Here is another example of social engineering at work; however, this time the users that are being targeted are in Eastern Europe.

Premium SMS dialers have always been a problem on the mobile threat landscape, especially in Eastern Europe, where dialers showed up on mobiles phones not too long after the introduction of the micro edition of the Java Virtual Machine (JVM) for mobile devices. It should therefore come as no surprise that the authors responsible for leveraging this lucrative revenue source appear to be making a switch to newer platforms. Here is the latest example of a dialer that has come to our attention. The dialer attempts to pass itself off as a legitimate application by playing off the name of a popular VoIP/messaging app. It is written in J2ME and targets iPhone devices running a JVM. In this case, the author has even gone to the extent of setting up a dummy website to promote the app.

 

Smartphones are widely used as a communication tool in the enterprise environment as they work like a small computer that fits in the palm of your hand. Smartphones provide convenience to users, yet simultaneously pose a significant danger as they are often overlooked when it comes to protecting them. Therefore, it is important that proper privileges and policies akin to corporate computers should be implemented on such devices.