Personal Technology Security Series: What Do We Need to Secure

-
In my last article, I discussed how wonderful it is to live in a time when technology gives us an unprecedented access to information and services right at the comfort of our homes and even at the palm of our hands. I also discussed how most of this technology becomes accessible to almost everyone.

Smartphone, Phone, Mobile, Technology

It is no longer a novelty seeing a sidewalk vendor playing mobile games on a smartphone or a security guard watching a videostream of his favorite NBA team. Teenagers often share their OOTDs, foodography and other activities on social media. Busy people often do their banking using the mobile banking application on their cellphones. Free wifi on malls and other public places are a godsend for people who do not have data plans on their mobile devices because it allows them to do all these at virtually no cost at all.

As mundane as those activity may appear, each one of them poses a risk to both the users and the device that is in use.  I will enumerate the risks that a person opens himself for each of the activity listed above:

  • As innocuous as it may appear, playing games on the mobile phones may open it up to some risks.  If the games being played are downloaded from untrusted sources (sites other than the Apple App Store or Android Play Store) the phone is at risk of being infected by a malware (virus).  I will discuss the implications of a malware infection on a separate post.
  • Watching videos on the mobile phone may also look harmless and it generally is.  However, if one starts downloading pirated videos and start watching them on their phones, there will be risks involved.  One is on the process of downloading the video itself.  These pirated videos may be hosted on websites that have malicious codes on them, infecting devices that accesses them with malware.  Then the video may introduce malicious codes on your devices.  Some videos will prompt the user to download certain "CODECS" in order to play.  Those so-called CODECS may either contain another strain of malware or is a malware itself.
  • Sharing stuff about our daily lives to social media may be cool and also appear harmless but there is a danger of "oversharing".  (STORYTIME!) There was an instance where a teacher from a province in the south proudly shared that he just passed a certification.  In his excitement, he took pictures of his ID and his certificates and posted it to his social media account.  Weeks later, he discovered that someone has made a substantial loan against his government social services system account and he is being billed for that.  Fraudsters were able to use the information the teacher shared and loaned a large amount of money, leaving the poor teacher to pay for a several hundred thousand pesos in loan.
  • Mobile banking is not dangerous per se.  However, extreme care must be done when using it.  People who sometimes receive a fake notification from their banks saying that their accounts need verification ends up with an empty bank account.  Some careless users end up transferring funds to unknown accounts because of simple error in entering account numbers.
  • People who are fond of using any free wifi access points may find their online accounts hijacked.  "Free" wifi access points usually does not encrypt the connection so any data sent/received using those are easily intercepted and stolen by malicious parties (hackers).

Now that we know the dangers of using technology, the next thing that I will write about is how to protect ourselves and keep our gadgets and information safe when using it.

Comments

Post a Comment

Popular posts from this blog

GCash Security Scare: Rethinking the Safety of Digital Wallets

-
Image
A few days ago, many people woke up to find unauthorized transactions in their GCash mobile wallets. These transactions, which occurred at a rate of Php 2,000 per transaction, even affected a local actress, drawing widespread attention. While the technical cause of these unauthorized transactions remains a mystery, I believe it’s crucial to address the underlying issue: GCash, and other mobile wallet applications in general, are essentially digital versions of physical wallets. Storing money in wallets, whether virtual or physical, inherently carries risks, with theft being the most significant concern. Physical wallets have been the target of various theft methods, and this raises the question: why do individuals, regardless of whether they use digital or physical wallets, keep a substantial amount of money in their wallets? Wouldn’t it be safer to deposit these funds in a bank or keep them securely at home? While this doesn’t absolve GCash of responsibility, it’s important to recogni...
Read more

When Malware is Digitally Signed by an Anti-Malware Company

-
Image
  In October 2024, a sneaky malware campaign started spreading. The threat actors used a message that looked like it came from the Israeli partner of ESET, a well-known anti-malware company. They targeted Israeli businesses and educational institutions. But here’s the catch: the message didn’t show any signs of having malicious content. Analysts who initially checked out the email thought there was nothing fishy about it. The email warns recipients that their company is being targeted by “state-sponsored threat actors.” It suggests downloading and installing the “ESET Unleashed” app to protect against this threat. The email’s link seems legitimate, pointing to a valid ESET server. The file on the download link contains an executable file (Setup.exe) and four DLL files. Upon closer inspection, it turns out that the DLL files are part of ESET’s anti-virus software, but the EXE file is actually a malicious data wiper but it was digitally signed by ESET. This malware has an interesting...
Read more

Tech Party List, A Satirical List

-
Image
  **WARNING:** This post is not intended for individuals who are easily offended. Should you find satirical content objectionable, please leave this page immediately. YOU HAVE BEEN WARNED. With the Philippine elections coming very soon, One of the most colorful part this national exercise is the proliferation of Party Lists that have a great name recall. In the Philippines, the party-list system is a mechanism of proportional representation in the election of representatives to the House of Representatives. This system allows national, regional, and sectoral parties or organizations to gain seats in the House based on the proportion of votes they receive. The goal of the party-list system is to ensure that marginalized and underrepresented sectors of society have a voice in the legislative process. Each party-list group represents specific sectors such as labor, farmers, women, youth, indigenous peoples, and other marginalized groups. Voters can choose a party-list group during el...
Read more