Last week the new broke that more than 1,3-million Google accounts have been compromised by the Gooligan malware – and that number is growing at a rate of about 13 000 new infections every day.
Sophos’ senior security advisor John Shier offers the following tipps on how users can protect themselves from an attack like Googligan:
* Don’t enable third-party installs.
* Avoid the alternative app markets as best you can, because some of the “stores” could have malicious apps. If you must download an “essential” app, make sure it’s from a trusted developer.
* Always use security software, such Sophos Free Antivirus and Security for Android or Sophos Mobile Control.
* Make sure your phone is always updated to the latest version, as this particular attack only affected old versions.
* Don’t click on unsolicited links, even on your phone. Think of your phone as an extension of your computer. Phishing emails and SMS texts with links to malicious URLs are just as dangerous on your phone.
* If you suspect or can confirm you’ve been breached, change your password and turn on two factor authentication (2FA) if you haven’t already done so.
* If you have been compromised, resetting your phone to factory settings can’t hurt.