Time
1 hour 44 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
Hi and welcome to lesson one Day eight of the End User Cyber Fundamentals course.
00:07
This lesson will be focused on mobile phone security.
00:14
Today we will learn about
00:16
you are all tatting,
00:18
how to recognize suspicious links and why you should not jailbreak your phone.
00:27
Why mobile phones?
00:29
Everything we already discussed about safe Web browsing also applies to browsing the Web on your mobile device.
00:36
The difference is we spend much more time on our phones
00:40
and tend not to think twice about clicking a link or responding to a text on our phones.
00:46
Since we do everything are no phones from banking, browsing, shopping, listening to music, reading books, watching movies, chatting with friends and so on.
00:58
We tend not to pay attention on our phones compared to when we are on our laptops or PCs.
01:04
Because of this, hackers and spammers have special techniques to target mobile device users.
01:12
One of the techniques is U R L Patty.
01:15
It is particularly successful on a mobile phone because the phone Web browser is much smaller and has less real estate,
01:25
making it harder for you to see the entire u R L.
01:32
So what is Europe adding anyway.
01:34
Hackers trick users by creating fake and legitimate looking you or else they will, even at the logo to the fake U R L
01:42
and may even insert words to make the U. R L look more legitimate, such as validate, log in and secure.
01:52
They then pair the fake. You are with a spoofed website that looks exactly like Facebook or another legitimate website.
02:00
They will spoof websites associated with APS
02:05
you regularly use on a mobile phone
02:07
such as Facebook, Pinterest and instagram.
02:12
As I mentioned earlier, these hackers are targeting mobile devices because the U. R L bars are so small.
02:21
So the beginning of the URL, which you will see because it fits into the space in the URL bar, will look legitimate.
02:29
As in this example Here you may see em down facebook dot com,
02:34
and the rest of the URL that is visible to you will be padded with commas, dashes and other characters that do not seem harmful
02:43
and after the padding is the URL for the rial destination.
02:49
In the Facebook example here, the rial destination is Ricky talk dot com,
02:54
which is a malicious website and will prompt you to logging.
03:00
The bed actor will now have your credentials
03:04
if you are like most users, you are using the same credentials for your banking, for you shopping and other websites.
03:12
The bad actor will try these credentials against other websites, such as chase dot com, well fargo dot com and others in order to commit fraud.
03:25
Suspicious links
03:28
I know this may seem obvious, but again, on mobile devices we pay less attention,
03:34
and it is not as easy to verify links on mobile device.
03:39
Some people do not even know how
03:42
so. Always try to verify the URL will go directly to the company website
03:47
again. Hackers? No, it is more difficult to do certain things on a mobile phone,
03:53
then on a PC or laptop.
03:57
Such is hovering over a u R L to verify if the URL address is legitimate
04:01
on a mobile phone, you can verify the U. R L or link in an email by pressing down on the link until another screen or bubble pops up as pictured here on this light.
04:15
Note the pop up all very based on your device type or Web browser.
04:20
On this pop up, you may see the full really Earl, as pictured here on top
04:28
and or have an option to copy it or share it.
04:32
You can copy and paste it into a no paired app to see the full you earl or share to an email or text message.
04:41
This is not as easy or quick as hovering over a link, but it is simple and effective.
04:49
In addition to your girls and e mails, you may also get emails that look like they are coming from a retailer you normally shop.
05:00
The email may contain buttons like Shop Now will. By now
05:04
on your PC. You can hover over this,
05:08
but this is not so easy to verify on your phone. Always go directly to the retailer's website to be safe.
05:17
Jailbreak. Your phone
05:20
Joe Breaking is a term commonly used to apple devices. Jail breaking means you modify your phone to remove restrictions that are built into the IOS,
05:31
which is Apple's operating system.
05:34
I know jail breaking your phone seems school,
05:38
but there are many reasons why you should not do this.
05:43
Most important reason is security restrictions will be removed
05:47
when you download an app from the APP store. You will be asked if you want to share your contacts, location, camera and cetera with the new app.
05:58
This feature is removed. When you jailbreak your phone,
06:01
you may increase your exposure to malicious APS. If you download APS from other sources, which are not verified by Apple,
06:11
you may also void your warranty,
06:14
and the company may not fix it for you.
06:16
Software updates may not work, and you may also have issue with system updates, which can leave your device with an outdated operating system.
06:27
If you were working, some companies do not allow jail
06:30
broken phones to install company APS or received company emails or files etcetera.
06:41
What does it mean to jailbreak your phone?
06:46
Jail breaking means to model for your phone and remove restrictions built into the operating system by the vendor. This removes built in security that protects you against malicious APs and activity.
07:03
In this lesson, we talked about how to use your mobile phone and hacker techniques that target mobile phones.
07:13
We also discussed some things you can check for to keep yourself safe and why you should not jailbreak your phone
07:24
here. All my references
07:26
I will see you in the next lesson

Up Next

End User Cyber Fundamentals

This End User Cyber Fundamentals course covers Internet risks such as typosquatting, website spoofing, drive-by downloads, Malvertising, and how to protect yourself using security best practices.

Instructed By

Instructor Profile Image
Lisa Martino
Director, Information Security Governance, Risk & Compliance
Instructor