Cyber espionage could lead to identity theft

Next story

A cyber espionage campaign, dubbed Dark Caracal, has been detailed in a report by the Electronic Frontier Foundation (EFF) and Lookout Security. How can you protect yourself from cyber espionage and the resulting identity theft?

Cyber espionage is nothing new, but the scale of Dark Caracal is noteworthy.

This campaign targeted the mobile devices of military personal, medical professionals, journalists, lawyers and activists, to name a few.

Although Dark Caracal targeted specific groups, their use of dodgy Android apps is a common strategy. They are often used to steal data to conduct phishing attacks or even identity theft.

Mark James, ESET IT Security Specialist, comments on the saturation of digital information, which could be used against you if it were in the wrong hands.

“Almost everything we do these days is linked to the digital world in one way or another.

“The downside of this of course is the sheer amount of data being stored on our digital devices, in our connected clouds and even stored on our own private storage areas.

“We learn to trust what we see and far too often are very “click happy” when in a hurry.

“When it comes to mobile devices the installation of software falls very often in this category: you want or need the application so will in most cases accept almost any permissions requested at installation.

“If those apps are malicious they could end up having complete control over your mobile device, all data stored on it and area’s it has authority to access are now viable targets for the malicious actor.

“We often fail to understand what types and how important this stored data could be. Photos, call records, text messages and audio recordings could all be valuable and used to fuel phishing, ransomware attacks, or even identity theft.

“Making sure you read and understand the permissions required for any software installation is a good start to protect your safety, where possible read reviews and question any updates that appear out of the blue.

“If you’re concerned about the validity of an application or update then check the official download locations before proceeding and always have security software installed and updating on a regular basis.”


How carefully do you select apps you install? Let us know on Twitter @ESETUK.