Malicious agents continue to use increasingly sophisticated email templates to fool victims into installing malware on their computers. Most recently, people have been falling prey to an email that appears to be from Dropbox.com, a very widely used cloud storage website. The email uses Dropbox artwork and is kept short and to the point: it warns the user that they need to change their password and provides a link (which, of course, leads to a hijacked website). Adding to this email’s apparent credibility is the fact that Dropbox has engaged in this very same practice to legitimately warn users about password changes. Couple this with the fact that it’s highly likely you have a Dropbox account, and the hook is set before you know it.
What this means for you:
Whenever you receive a warning like this, the safest method to take action is to manually type the URL of the service in question in your browser and never click links in the email, unless you are confident they don’t lead to a hijacked website. Most email clients, including web-based ones like Gmail and Yahoo Mail, allow you to roll over the links in any email and see the actual linked destination (it may take a second or two, be patient while hovering), as it’s trivial to fake the visible destination while sending you down a dark road to infection. For more tips on spotting fake emails like this one, read my previous post, “Fake Emails are Getting Harder to Spot“.
A new app has appeared on Google’s Play store that purportedly offers Android users the ability to chat with iOS users via Apple’s iMessage platform, and it has security eyebrows raised, primarily because it wasn’t released by Apple. Cydia (app store for jailbroken iPhones) developer Jay Freeman delved into the code of “iMessage for Android” and discovered another alarming fact: the app appears to be authenticating not through Apple’s servers, but through some unknown platform in China, even though it requires a legitimate Apple ID to work. Another developer also noted that this app has the ability to silently download code to your Android smartphone, a permission that could lead to a malware infection. The app is very new and these security peculiarities have yet to be widely verified, but it has already been downloaded from the Play store over 10,000 times.
What this means for you:
Firstly, your Apple ID (which may have money and many, many apps, songs, movies, etc. tied to it) is being passed through an unknown server in China. There is no guarantee that the owners of that server aren’t collecting these IDs for nefarious purposes. Add this to the fact that the app can download code without notifying you, and the scales are now dipping alarmingly towards “dangerous” if not outright “malicious”. Also at stake is the trustworthiness of Google’s Play Store app vetting process – how could this app have possibly made it through without raising some red flags. Sure, there is no love lost between Apple and Google, but Google is usually smart enough to not poison its userbase with a dodgy app just so Android users can text chat with iOS users. It remains to be seen whether this app is truly on the up and up, but all signs indicate otherwise at this point. I’d err on the side of caution and avoid installing this app for now. If you really need to talk to that iPhone user, just send them a text!
Image courtesy of Idea go / FreeDigitalPhotos.net.