This biannual report presents the targeted attack campaigns observed and mitigated by Trend Micro based on reported customer cases, as well as our own independently gathered data.
As the number of mobile device users grow, so do the number of apps available to their users. However, because cybercriminals always go where the money goes, attacks targeting mobile devices and their users will continuously grow in number as well. That is why there are more and more mobile threats, including malware and fake apps. It has actually become quite common to see fake apps shortly after legitimate mobile or PC versions come out.
Cybercriminals can exploit Android app permissions for their personal gain. Find out the most commonly requested permissions and how they’re abused in our latest TrendLabs Security Gallery.
Cross-platform mobile threats are here to stay, and with their capability to jump from users' mobile devices to PCs (and vice versa), protecting against them is a top priority.
News of an SMS fraud service affecting many countries first broke out in Russia in 2010. It has since put users at risk through popular online activities like social networking and downloading content.
As with technology and popular means of communication, cybercriminal attacks and schemes continue to evolve over the years. Find out more…
Everyone's online, but not everyone's secure. It's up to you to make sure that your family is. Learn about online threats and how you can protect your family from these threats here.
Like Swiss Emmental cheese, online banking protections may be full of holes. Banks have been trying to prevent cybercrooks from accessing their customers’ online accounts for ages. They have, in fact, invented all sorts of methods to allow their customers to safely bank online.
This research paper describes an ongoing attack we have dubbed “Emmental” that targets a number of countries worldwide. The attack is designed to bypass a certain two-factor authentication scheme used by banks. In particular, it bypasses session tokens, which are frequently sent to users’ mobile devices via Short Message Service (SMS). Users are expected to enter a session token to activate banking sessions so they can authenticate their identities. Since this token is sent through a separate channel, this method is generally considered secure.