“Beware of malicious 2012 Olympic Games Android apps” is the key message emanating from Action Fraud via anti-malware and anti-virus solutions provider Webroot.
The latter has issued a stark warning that, because there are so many events happening at one time during the Olympics, it might be all the more tempting when viewers find an app available that focuses on one or just a few.
There’s an app called ‘London Olympics Widget’, for example, which is described as an app that displays aggregated Olympic news coverage. In reality, it harvests the user’s contact list and device id (IMEI) and reads their SMS text messages.
Although the Amazon Appstore for Android and Google Play sites do not screen every app in the store for malicious code they do remove apps that are reported as malicious.
Exercise caution while downloading
Not all apps are what they appear to be. You should always exercise caution when downloading apps for your Android Device.
If an app that changes your background wallpaper wants access to your contact list, Twitter and Facebook account you should probably reconsider its use.
Download the official London 2012 mobile app.
If you’re unsure on how to decide what a trustworthy app is then Webroot covers this in detail in the article 7 Common Mobile Security Questions Answered.
Beware of ‘Police ransomware’ on your computer
Meanwhile, the Police Central e-Crime Unit (PCeU) is warning members of the public of a computer scam which attempts to extort money from unsuspecting individuals by impersonating the e-Crime Unit.
Police have received 1,100 reports from the public of the malware affecting their computers. 36 people in the UK have paid money, each losing GB pound 100.
Enquiries continue to trace those responsible for the scam, but there have been no arrests at present.
The malicious software infects personal computers after users have accessed certain websites. The virus causes the PC to freeze and lock, with a message purporting to be from the e-Crime Unit advising the user they are required to pay a fine to unlock the computer.
This is a fraud and users are advised NOT to pay out any monies or hand out any bank details. The scam is now affecting many countries in Europe and further afield, with each e-mail tailored to include the branding of that country’s law enforcement agency.
Europol is now co-ordinating with Europe’s various law enforcement agencies on this matter.
Genuine law enforcement agencies would never contact members of the public via this method and demand funds in this way.
What to do if you think you may be a victim
If you think you may have been a victim of a ‘ransomware’ attack such as this, the advice is as follows:
- restart your PC: this process has been known to delete the message
- use anti-virus software and (importantly) routinely update it such that it keeps pace with new threats as they’re discovered (operating systems like Windows and Mac OS routinely issue updates that patch potential vulnerabilities)
- report the ‘ransomware’ attack to Action Fraud
- to protect against fraud in the future, never reveal Ukash vouchers or voucher codes or Paysafecard PINs (in full or in part) by e-mail or over the telephone (vouchers or PINs should only be used at participating Ukash or Paysafecard merchants)