Help Desk Headaches: Mobile malware

help_deskThink about this scenario, which is probably not a stretch of the imagination: You’re checking email over your coffee and donut and you see a message from a sales rep saying that the new corporate Android app doesn’t work. Uh-oh. What new Android app?

As it turns out, the night before, most of the company’s employees received a spam message that appeared to come from IT. The email directed users to install a new Android app that would allow mobile access to corporate files. While some users emailed to ask if this was real, others went ahead and installed the rogue app.

What do you do?

Well, you’ll probably start by sending an email warning employees not to install the app. Then you track down one of the victims, examine the questionable app, and do some research. You might find out that this particularly nasty malware is designed to silently send text messages to premium numbers, generating revenue for the criminals behind the attack. Great! Hopefully the mobile carrier will reverse the charges.

Now you have to figure out which employees installed the bad app. You might be able to convince the mobile provider to scour the company’s recent account activity for suspicious SMS charges. Then, you’ll end up spending time matching those phone numbers to users, since the inventory spreadsheet probably isn’t up to date. Finally, you dispatch your staff to attend to the users and their infected phones.

At the end of a long day, you’ll be stuck debriefing your boss and identifying steps to prevent a similar incident in the future.

There’s an easier way to make sure this scenario never happens. You can manage all your company’s mobile devices and keep them secure from malicious and unauthorized apps. Sophos Mobile Control and Sophos Mobile Security can save you hours of headaches.

Sign up for a free trial at Sophos.com/mobilecontrol and see what Sophos can do for you.

Leave a Reply

Your email address will not be published. Required fields are marked *