The UK’s National Cyber Security Centre (NCSC) has issued a series of advisories to warn users about the risks posed by malicious apps and phishing emails. This comes at a time when top cyber security companies are battling more than ever to keep users safe from such cyber threats.
Background
The NCSC reported that there has been a steep rise in the use of apps after the COVID-19 outbreak. A vast majority of consumers and enterprises downloaded apps from third-party stores for shopping, conference, and other online works. Since these apps were supported on a variety of devices, they exposed a wide range of people to online cyber threats. Apart from malicious apps, the officials highlighted that the COVID-19 pandemic also gave rise to various online scams that were distributed via phishing emails.
NCSC’s report on malicious apps
In a study conducted between December 2020 and March 2022, the NCSC found that cybercriminals could easily exploit several poorly developed apps to pilfer money and data from users. Furthermore, these vulnerable apps could be used to launch malware on user devices.
- This is due to the fact that some developers did not follow best practices when creating apps.
- These malicious apps can be installed on laptops, computers, game consoles, wearable devices, smart TVs, smart speakers, and IoT devices.
- To make it more evident, a cyber security company had demonstrated the impact by creating a malicious app that impersonated a popular tracker from a fitness firm. The fake app contained spyware capable of stealing everything from a user's device.
- As a result of these findings, the NCSC has urged tech companies to collaborate with top cyber security companies to enhance their security and privacy requirements to fend off cyber threats.
A record number of online scams thwarted
In another significant update, the NCSC reported that over 2.7 million scams were removed from the internet in 2021 under the UK government’s Active Cyber Defence (ACD) program.
- A majority of these scams revolved around fake celebrity endorsements and vaccine passports that originated from phishing emails.
- As part of the ACD program, more than 1.2 million domains designed to distribute FluBot malware were blocked by cyber security companies in 2021.
- Around 33 million events were flagged to organizations that had signed up for ‘Early Warning Service.’
- The NCSC was also successful in discarding over 1,400 NHS-themed phishing email campaigns last year.
Final words
There’s been a huge increase in attacks against low-hanging fruits such as VPNs, firewalls, and web apps. Therefore, organizations must take appropriate measures to enhance the security of endpoint systems. Additionally, it is recommended to download apps from official app stores. Checking reviews before downloading the apps also helps prevent falling victim to any unexpected cyber threat.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_414637558.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/d222_shutterstock_1023904483.jpg)
