What is fake alert fraud? The latest cases and countermeasures, including calendar abuse | Time & Space by KDDI
In recent years, smartphone scams have become more sophisticated. In the "10 Major Threats to Information Security (threats to individuals)", announced every year by the IPA (Information-technology Promotion Agency, an independent administrative agency), which provides research and information on computer viruses and security, smartphone scams account for most of the top entries, and the number of new tricks is increasing year by year.
© 2021 IPA (Information-technology Promotion Agency, Japan)
This time we look at one of them, "fake alert fraud", whose tricks are clever and hard to recognize as fraud. Under the supervision of Akira Honma, deputy chairman and director of the Japan Smartphone Security Association (JSSEC), we introduce examples and countermeasures along with actual screen images.
Fake alert fraud is a scam that suddenly displays a fake warning screen, such as "infected with a virus", while the user is browsing a website, gets the user to install malware (software that performs harmful operations), and obtains personal information and abuses it.
In recent years, fake alerts have become widely varied: some play on users' anxiety, some prey on human greed, and some are disguised as a standard app. Fake alerts that are hard to recognize as such are increasing.
So what kind of fake displays are used to deceive users? Let's look at the main fraud examples along with actual screen images.
The first is account-addition fraud. This scam abuses the iPhone (iOS) calendar sharing function: the calendar's editing authority is shared with the attacker's account, events the user does not remember are added to the user's calendar, and the user is guided to fraudulent sites through the URLs written in those events.
(1) The attacker shares a calendar with the user (adds the account's authority).
(2) The attacker adds more and more events to the shared calendar.
(3) Even if the user does not look at the events, the calendar's notification function is used to display pop-ups such as virus-infection warnings on the smartphone, and the user is guided to a fraudulent site through a URL said to be for downloading security software.
The scary part of this account-addition fraud is that, at the first step of sharing the attacker's account authority in the calendar, the text displayed on the screen is hard for users to understand. Look at the screen capture below.
As part of the trick, this notice is suddenly displayed while browsing the web, but from the text "Do you want to open this page in "Calendar"?", shown on the left, few people would realize that another account is about to be shared to their calendar.
In fact, the following "Add Calendar Inquiry" screen is a confirmation of whether to share the calendar with another party, and if you select "OK" here, "" (the attacker's name in this case) is given calendar editing authority. As in this example, the attacker's account name is often "", a name that at first glance does not look like an account name, which makes matters worse.
On the next screen, displayed after pressing OK, the attacker's account has already been registered, so whether you choose "Event Display" or "Complete", the screen simply closes. By then, however, the attacker's calendar is already shared with your calendar.
If you open "Calendar" under "Settings" and look at the "Account" column, you can see that the attacker's account "" has been added as an "inquired calendar". Even after it has been registered, if you notice the unknown account you can delete it from this settings screen, but if you do not notice it, the attacker's calendar stays shared indefinitely.
This is the content that the attacker "" registered without permission.
Image: Calendar events written by the attacker
It would be fine if you could tell from content like this that "I would not have entered this myself", but if the entries resemble the events you usually register, such as a meal or a meeting, there is no way to tell them apart at first glance. Also, even with content like this, some people may worry that they have been infected with a virus when an unfamiliar warning appears on their smartphone screen through the calendar's event notification function.
As a countermeasure, do not press "OK" on unfamiliar notifications that appear while browsing websites. If you did press "OK" and unknown events are registered in your calendar, remember to check the account column under the Calendar item in Settings, as described above, and delete any unfamiliar shared account.
Second, we introduce "update fraud", which displays fake update notifications for apps commonly installed on smartphones, such as browser apps, and deceives users into installing malware.
The troublesome point of this fraud is that it is hard to tell whether the installed app is a genuine app or a fake one.
Let's look at a case. The following notification suddenly appears while browsing a website. At first glance it looks like a security alert prompting you to update the browser app to the latest version, but this app is actually a fake.
Image: Installation notification screen shown by a fake browser app
Moreover, some fake apps request permissions at startup for contacts, telephone, SMS and storage, which a browser does not need in order to function. Once you grant them, not only can your personal information be extracted, but the device is also at risk of being hijacked and used as a bot.
Image: Permission request from the fake app
This kind of fake app is often disguised as an app that comes pre-installed on Android smartphones. To tell them apart, look at the "App List": there will be two apps with the same name, and if you open the details of each, the genuine app is pre-installed and cannot be uninstalled, while the fake app can be uninstalled.
The cleverness of this scam is that it cannot be recognized at first glance, but as a countermeasure, do not casually press "OK" on update notifications containing unfamiliar strings like the one in the first screen. Keep in mind that even if you have installed the app, you should not carelessly grant it permissions.
In particular, telephone and SMS permissions are often used for two-step authentication by money-related services such as financial and shopping apps. It is important never to grant permissions to apps that do not need them, and to make a habit of regularly checking your credit card usage history and payment amounts.
The third is a fraud that displays fake warnings, such as "infected with a virus", while the user is browsing a website, mainly to guide the user into installing paid apps. The warnings vary: some display security warnings, and some guide users to download fake support apps.
Image: Warning screen from a fake virus-infection alert
The trouble with this scam is that the app being downloaded is itself in an official market that has passed regular screening, such as the App Store or Google Play. Moreover, the attacker's collaborators write many highly rated reviews to boost the app, so at first glance it looks like nothing other than an effective antivirus or security app. In fact, however, users are charged a high price for the app (even though it has no effect).
Image: Example of an app in the market that fake alerts lead to
There are several countermeasures. First, browsers have no virus detection function, so a browser will not show a virus warning while you browse websites. For this reason, a virus warning that appears while browsing is likely to be fraudulent. Of course, do not click on notifications or warnings you do not recognize. In addition, even if you are guided to an app download, victims may have written warnings in the reviews, so you may notice the fraud by reading the review text rather than only the ★ rating. Above all, try not to install unknown security software.
Finally, there is "sweepstakes fraud": a message such as "You won the sweepstakes" arrives by email, SMS, Twitter, LINE, etc., and after you enter personal information so that the prize can be shipped, you are billed at the same time the prize is sent.
Besides sweepstakes, there are tricks that play on people's various desires, such as offers to teach them something.
Image: Example of a fake account posing as an official account
As a countermeasure, be wary not only of stories that sound too easy and too good, but also of cases disguised as an official site or account. In the account name or URL, carefully check that look-alike characters such as "l (lowercase L)" and "I (uppercase i)", or "0 (the digit zero)" and "O (the uppercase letter o)", have not been swapped in. Be careful not to get caught.
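The look-alike check described above can be automated. The following is an added example, not part of the original article: the account name and domain are constructed placeholders, and treating the digit 1 as a look-alike of l goes beyond the pairs the article lists.

```python
from urllib.parse import urlsplit

# Look-alike pairs named in the article (l/I and 0/O); mapping the digit 1
# to l is an added assumption, not taken from the article.
CONFUSABLE = str.maketrans({"I": "l", "1": "l", "0": "o", "O": "o"})

# Constructed placeholder values standing in for a real allow-list.
OFFICIAL = ["ExampleShop_Official", "example.com"]


def skeleton(name: str) -> str:
    """Fold look-alike characters to one representative, then lowercase.

    Translation must happen before lowercasing, otherwise an uppercase I
    would become a lowercase i and no longer be folded onto l.
    """
    return name.translate(CONFUSABLE).lower()


def display_host(url: str) -> str:
    """Return the host exactly as written in the message (case preserved)."""
    netloc = urlsplit(url).netloc            # .hostname would lowercase it
    return netloc.rpartition("@")[2].split(":")[0]


def check(name: str, official=OFFICIAL):
    """Classify a displayed account name or host against the allow-list."""
    for real in official:
        if name.lower() == real.lower():
            return ("match", real)           # same name, ignoring case
    for real in official:
        if skeleton(name) == skeleton(real):
            return ("lookalike", real)       # differs only by look-alikes
    return ("unknown", None)


if __name__ == "__main__":
    for sample in ["ExampleShop_Official", "ExampleShop_0fficial",
                   display_host("https://exampIe.com/prize"), "SomeoneElse"]:
        print(sample, check(sample))
```

A "lookalike" result means the displayed name differs from an official one only in characters that are easy to confuse by eye, which is the case the article tells readers to check for.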
This time we have introduced the main examples of fake alert fraud. Let's summarize the countermeasures again.
1. Browsers have no virus detection function, so virus warnings that appear while browsing are likely to be fraudulent. Do not open notifications or warnings you do not recognize.
2. Do not install unknown apps.
3. Do not give apps unnecessary permissions. In particular, telephone and SMS functions are involved in two-step authentication, so do not grant them.
4. If unfamiliar content appears in an app that can be shared, such as a calendar, check whether there is an unknown shared account.
5. Make a habit of regularly checking your credit card and bank account records, such as card usage history and payment amounts.
Smartphone scams are becoming more sophisticated, and even security-conscious people get caught. As the cases introduced here show, more and more tricks exploit the standard app functions of smartphones or disguise themselves using official markets and official apps, which makes them hard to prevent with antivirus software or spam blocking. By knowing the examples and countermeasures listed here, we hope you can protect yourself from falling victim to fraud.