SINGAPORE – From mooncakes to fish and Peking duck, offers on various goods and services have lured unsuspecting victims to contact “sellers” on social media platforms, who instructed them to download third-party apps.

The downloaded malware allowed scammers to access their victims’ banking apps, increase their credit limits and siphon away their money, all within just hours.

The Straits Times spoke to cyber-security experts to understand how one can protect one’s phone from malware, and whether it is still possible to shop online safely.

Q: Why are Android phone users mostly targeted by malware?

A: These users are commonly targeted due to the open nature of the Android operating system (OS) and its large market share, said cyber-security experts.

Cyber-security firm Kaspersky’s South-east Asia general manager Yeo Siang Tiong said the openness of the Android OS allows apps to be created and uploaded freely. Anyone can download these apps to their devices.

This open system allows cyber criminals to abuse the app marketplace to spread malicious apps.

Android phones also have a larger market share compared with Apple, making it a more attractive target for hackers to create and release malware, said Mr Yeo.

According to analytics site StatCounter, the Android mobile OS held the largest market share of 65.9 per cent in Singapore as at September.

Q: Are Apple users safe from malware?

A: Apple controls what apps are available on its App Store, reducing the need for an anti-virus app, said Mr Yeo.

That said, Apple’s iOS is also susceptible to malware.

Cyber-security expert Chester Wisniewski from security firm Sophos said cyber criminals can trick iOS device users into installing a certificate that grants the attacker permission to download third-party apps.

Q: What information can such malware capture?

A: Mr Yeo said cyber criminals can access personal information and keystrokes stored on the device once a system is infected with malware. This includes access to mobile banking apps, mobile wallets, e-mails and corresponding two-factor authentication (2FA) and verification tools such as built-in camera for biometric verification.

He warned that cyber criminals can enable unauthorised transactions via the infected devices, or steal the data to complete fraudulent transactions at a later date. 

Q: How can I tell virus-laden apps from legitimate virus-free apps?

A: Earlier ST reports highlighted that victims were instructed to download third-party apps, which allowed crooks to take control of their phones.

Mr Yeo listed five ways to distinguish between virus-laden apps and legitimate virus-free ones:

1. Check the app’s reviews and be wary of apps with low ratings or numerous user complaints.
2. Check the app’s release date and number of downloads.
3. Check the app’s update frequency. If an app is updated too frequently, that may potentially point to a significant number of security vulnerabilities. 
4. Check the app’s icon. Do not be deceived by distorted and lower quality versions of icons mimicking popular app icons.
5. Read the permissions agreement before downloading the app. Virus-laden apps could request access to much more information than necessary.

Q: How can I protect my phone from malware?

A: The best way to safeguard yourself from a malware attack is by using a comprehensive anti-virus software, said Mr Yeo. Users should keep their device’s OS and other third-party software updated. They can follow these steps to protect their phone from malware:

1. Install an anti-virus app on their mobile devices.
2. Only download apps from trusted sites. 
3. Check developer descriptions, ensure that apps are highly ranked, rated and patched regularly. 
4. Avoid clicking on unverified links. 
5. Keep operating system and apps updated. 
6. Be mindful when using free Wi-Fi.

Mr Wisniewski warned users not to download apps from outside the official Google Play store or Apple’s App Store, and to be cautious if they require several permissions.

“Be suspicious of any apps requesting accessibility permissions or the ability to draw over your screen. These are all warning signs of remote control capabilities,” he said.

Q: What should I do after downloading a virus-laden app?

A: Mr Yeo listed five steps users should take if they have downloaded a virus-laden app:

1. Put their phone into flight mode. This will stop all Internet-connected apps from running on their device.
2. Look for the malicious app on the device and uninstall it.  
3. Restart your phone and run an anti-virus software to check for vulnerabilities. 
4. Change your passwords and banking information where possible. 
5. Report the third-party app to the relevant app stores.

Q: Can I still shop online safely?

A: Yes, you can still shop online safely, but be diligent and cautious of deals that sound too good to be true, cyber-security experts said.

Online shoppers should also be wary of anyone contacting them through secondary communication channels like WhatsApp, said Mr Wisniewski.

“These encrypted chat apps are intentionally used to spread scams and malware as they cannot be filtered by the service provider. The lures start on Facebook but move to an encrypted connection so that their dangerous links and downloads cannot be filtered out to protect you,” he added.

Mr Yeo added that online shoppers should not click unverified links or download apps from suspicious sites or sources. They should also have a bank card and e-mail address used solely for online shopping to minimise the impact in the event they are exposed to malicious e-mails disguised as sales promotions or are scammed.