The latest data from cybersecurity solutions firm Kaspersky showed a drop in mobile malware attacks against users in the Philippines. From 110,128 in 2019, the number of attempted malware attacks decreased to 55,617 or 49% in 2020. In 2021, the malware attempts to target smartphone and tablet users fell to 34,010 or 38.84% compared to the previous year.

Among Southeast Asian countries, the pattern of declining mobile threat activity was observed not only in the Philippines but also in Indonesia, Malaysia, and Singapore. In Thailand and Vietnam, malware attacks against mobile users in 2021 were even higher than in 2019 at 32% and 8%, respectively.

“The future is definitely mobile here in Southeast Asia,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “At the surface, it may seem that cybercriminals are becoming less active because of the decreased mobile malware attacks. But, it is a global trend and it does not necessarily mean we are safer.”

Kaspersky detects decline in mobile malware attacks in 2021
K-pop, gaming dominate children’s searches in 1Q22 — Kaspersky

Kaspersky warns mobile users not to be complacent especially now that many financial transactions are done on smartphones and other personal devices.

Cybercriminals conceal the malicious software, particularly malicious codes in the form of Trojans, in apps approved by Google Play and APKPure, a popular alternative Android app store. Trojans are used by cybercriminals to delete, block, modify or copy data, and they disrupt the performance of devices or computer networks. Unlike viruses and worms, Trojans cannot self-replicate or make copies of themselves.

The types of Trojan cybercriminals often used to attack mobile users in the Philippines include Trojan-Downloader, Trojan-Dropper, Trojan-SMS, and Trojan Backdoor.

Banking Trojans

Kaspersky detected about 97,661 new mobile banking Trojans worldwide in 2021. A study conducted by the cybersecurity solutions firm revealed that 75% of Filipinos now prefer using smartphones for digital transactions. This may have been the result of the pandemic when the country was put to lock down to stop the spread of the virus. In the same study, almost half of the respondents admitted encountering cyber threats while using mobile e-wallets. But only 25% of those surveyed confirmed using security solutions.

“An interesting discovery shows how cybercriminals improved the stealing capabilities of their creations,” Kaspersky said. “Detected by Kaspersky last year, the Fakecalls banking Trojan would drop the call if the victim tries to contact their bank. The Trojan then replaces it with a pre-recorded response of a fake bank representative stored in the Trojan’s body. This would trick the victim into thinking that a bank employee answered the call.”

Kaspersky explained that when Banking Trojans infected a target computer, it allows cybercriminals to steal money from the victims’ online banking accounts and e-wallets. This makes Banking Trojans one of the most dangerous types of malware.

“We have to note that as we embrace digital payment apps more, we unconsciously put more of our hard-earned money in our devices,” said Siang Tiong. “Our devices usually remain vulnerable to simple malware attacks. There is a gap between awareness and action here in SEA so I urge digital payment providers and regulators to help us in encouraging users to protect their mobile devices, too.”

Kaspersky advises mobile users to:

• Download apps only from official sources. This is not a 100% security guarantee, but there are far fewer malicious programs in official stores. Even when malware slips through moderation, it usually gets removed from the store relatively quickly.
• Whenever possible, use apps from trusted developers with a good reputation to minimize the chances of encountering malware.
• Ignore apps that promise payouts you’ve never heard of or overly generous prizes. It’s almost bound to be a scam.
• Don’t give apps permissions they don’t need to work. Most malware will not be able to deploy fully without potentially dangerous permissions such as access to Accessibility, access to text messages, and installation of unknown apps.
• Use a reliable mobile antivirus that will detect and block malware that tries to get inside your mobile device. In the Philippines, select Kaspersky products are currently being offered at special prices for a limited time only. Kaspersky Internet Security for Android, regularly priced at P399 per license, is now available for only P199.50 for the month of June. Windows, iOS, and Android users can now get Kaspersky Total Security at 20% off from June 1-30. Both products are exclusively available through Kaspersky.