CYFIRMA, an external threat landscape platform management company funded by Goldman Sachs, Zodius Capital and Z3Partners, announced the launch of DeFNCE, a mobile app to help users acquire cyber safe habits such as knowing how to set a secure password, learn about emerging cyber threats like phishing campaigns and other social engineering lures, and be aware of cyber criminals targeting apps they have installed.
According to App Annie Mobile App Landscape Report, there were 218 billion app downloads in 2020, time spent in finance apps was up 45% worldwide, and m-commerce experienced a massive growth. Similarly, social networking apps, video streaming apps, and gaming apps have all experienced a surge in recent times as the world’s population migrated to mobile and digital formats for work and play. In CYFIRMA’s research, threat actors and cybercriminals are increasingly viewing mobile devices as attack surfaces to carry out not just scams but also cyber espionage. The company predicts in 2022, cybercriminals will mount attacks to take over mobile devices and demand ransom knowing that many will succumb to the extortion tactics.
DeFNCE redefines mobile security as the only app with the capability to provide a safe browsing experience by using advanced algorithms to discover the user’s digital risk profile and alert him or her to spying, phishing, ransomware, malware and other cyber threats. The app contains over a million data sources to bring to the user’s attention on emails and passwords which have been stolen or leaked into underground marketplaces, specific hacking campaigns planned by cybercriminals to compromise banking and other sensitive apps, and help the user ensure the device settings adhere to cyber safe security standards.
“The mobile internet and mobile apps are not just a place to check your email or watch cat videos on YouTube anymore, it’s also a way to find news, connect with friends and family, and do business on the go. But it’s also a wild west full of unknown threats that can turn your digital footprint into a real-world crime scene. These threats can take many forms – from cybercriminals who are out to steal your identity, phishing campaigns to lure you into divulging confidential data, and even state-sponsored attacks trying to collect sensitive information,” said Kumar Ritesh, Founder and CEO, CYFIRMA. “That’s why we created DeFNCE to be that mobile device bodyguard for the everyday mobile user. DeFNCE is the first layer of protection for anyone who owns a smartphone and wants to keep away from the prying eyes of cybercriminals.”
DeFNCE contains the following functions to protect the mobile device user’s data and digital identity:
- Check cyber risk level according to a device scan
- Keep digital identity and emails safe
- Be assured that the device’s configuration and settings are providing the best security
- Be alerted to cybercriminals targeting the apps which have been downloaded to the phone
- Be cyber astute, stay updated on the latest in cybercriminal activities
- Risk Score – A rating of Critical, High, Medium & Low is provided for each user with recommended actions to immediately strengthen security posture
- Explore – User can build his or her personal cyber situational awareness and learn the latest happenings related to cybersecurity
- Data leaks – Be alerted to emails and credentials that have been leaked and circulating in dark web marketplaces
- Mobile Cyber hygiene – Check that WIFI, Bluetooth, permission settings, mobile device OS version, and others, are properly configured
- App health – Watch for phishing attacks where criminals are masquerading the apps and seeking to profit from the user
In the last 12 months, CYFIRMA has seen nearly a 10-fold increase in cyberattacks targeting mobile phones users. The company has observed fake apps being created by hacking groups to collect sensitive data, steal behaviour data, profile customer interest and other malicious activities. Phishing campaigns which mimic legitimate apps have also become prevalent. Hackers are also exploiting connection layers to install surveillance apps.
Mobile devices will continue to attract more attention in 2022 by both cybercriminals and nation-states threat actors. They can be perfect spying tools attached to a treasure chest of valuable data. Unlike desktop platforms, the mobile app lacks mature and robust security checks to prevent and detect phishing, command & control traffic, credential theft, etc. Voice call (vishing) spamming, and scams are on a rise, all messaging apps are riddled with phishing and spam aimed at stealing credentials or lure users into installing malicious/fake apps. Even mobile device management platforms can be targeted in supply chain attacks to get a foothold into an organization’s networks.
Attacks on mobile-based devices and operating systems like Android and iOS will increase in 2022 as cybercriminals look to implant look-alike/malicious applications, exploit legitimate software. Do not overlook and neglect mobile security, enforce strict security policies, limit numbers of apps installed on any device and minimize surface used for social engineering.
The mobile phone has become an absolute necessity, directing every aspect of our lives. In 2022, cybercriminals will mount attacks to take over mobile devices and demand ransom knowing that many will succumb to the extortion tactics.