AhnLab announced “Three Safety Rules for Chuseok (hereinafter referred to as Chuseok Safety Rules) that you should tell your parents” before Chuseok.
Chuseok security rules announced by AhnLab include: ▲ Prohibition to install applications (.apk) delivered by SMS or Messenger ▲ Be sure to check directly by phone even if you receive an urgent request from family members such as children by SMS ▲ Download Internet content using the official route.
Park Tae-hwan, Team Leader of AhnLab Cyber Security Center Response Team, pointed out, “During the holidays, special attention from children is essential, as cyber attacks targeting children elderly people who want to download internet content or tap into parents’ minds waiting for family members to contact them can be prevalent.”
① Do not install received app (.apk) which comes via text message or messenger
Whether it’s low-interest loans, government grants, or non-receipt of packages, attackers trick users into contacting them by inserting phone numbers or email ids into text messages related to daily life before vacation.
When you contact with the phone number or id in the text message, the contacted attacker cites various reasons and tricks them into installing by providing a malicious application installer file (.apk) disguised as a financial application .
If a user inadvertently installs a malicious application, the information in the user’s cell phone is leaked, and even if the user tries to call the normal police or financial institution number, he intercepts and connects it to the attacker to prevent reporting or confirmation and conduct a voice phishing scam.
In order to avoid the damage caused by such advanced voice-phishing, parents should be informed that “normal financial services never require the installation of applications via text messages or phone calls”.
Moreover, apps should be downloaded only from official channels like the official app store and installing mobile antivirus beforehand is also a major security measure to avoid damage.
② No matter how urgent a request from your family, be sure to check it first by phone.
As the holidays approach, many seniors wait for their children to contact them. Abusers pretend to be their children to take advantage of this situation and send urgent text messages or messengers saying, “I lost my cell phone” or “The LCD screen is damaged”.
Next, the attacker induces the purchase of a cultural gift voucher in a natural tone, sending a serial number, asking for a photo ID and installing a malicious application disguised as a normal application.
When a malicious application is installed, various information stored in the mobile phone is stolen, which may lead to secondary damages such as monetary loss or additional voice phishing attacks.
When parents receive text messages such as urgent filing requests from their children or family members, it can be difficult to make a normal judgment.
It is also necessary to install a mobile antivirus on parents’ smartphones in advance in case malicious applications are installed.
③ Download songs or movies from the Internet only from the official website
Recently, elderly people have heavy internet usage by using PC, such as online searching and watching YouTube videos, and the usage may increase before and after Chuseok. Attackers need to be careful as they can spread malicious code files by abusing search keywords that are of interest to middle-aged people by targeting this spot.
In fact, following AhnLab’s analysis of ‘Blue Crab Ransomware Trend’ last year, the attacker created a fake site using the names of famous trot singers and songs, including ‘Trot Medley’. .
Also, recently, attacks have been discovered that include a malicious URL that links to a malicious code download page in the detailed description after uploading a video explaining how to download various files from YouTube. Therefore, older people who frequently use YouTube should be more careful.
In order to prevent infection with malicious code while using PC, parents should be informed that content such as music and movies should be downloaded from the official route. In addition, it is necessary to update the vaccine to the latest version and run the real-time monitoring function to prepare for infection with malicious code.
Reporter Bosommi from Hello Tea |
“Music maven. Introvert. Bacon evangelist. Extreme writer. Internet aficionado. Travel scholar. Lifelong problem solver.”