Press Releases

Skycure Mobile Shopping Advisory Reveals Riskiest Shopping Malls for Mobile Devices

Fashion Show Mall in Las Vegas Tops List of Malls with Most Malicious Wi-Fi Networks; Report Also Warns of Malicious Shopping-related Apps

Palo Alto, Calif. — November 17, 2016 – As the biggest shopping weekend of the year in the US approaches, Skycure, the leader in mobile threat defense, today released a Mobile Threat Intelligence Report advising shoppers to beware of mobile threats while browsing in both physical and online stores. According to this quarter’s Skycure analysis, the riskiest shopping mall to use a mobile device at is Fashion Show mall in Las Vegas, where 14 Wi-Fi networks were found to be malicious or risky to connect to. The second riskiest mall in the US for mobile devices is Tyson’s Corner Center in McLean, Virginia.

Skycure researchers also found that mobile shopping dangers are not limited to dangerous Wi-Fi in malls. Malicious apps masquerading as legitimate online stores or ways to get online shopping bargains also appear this time of year, hoping to lure unsuspecting shoppers eager to make a quick purchase on their phones or tablets.

“Black Friday and Cyber Monday are a recipe for cyber-scams,” said Yair Amit, CTO and co-founder of Skycure. “The first brings large groups of people using their mobile phones to one place. The second attracts people who might overlook security to get a better deal. Unfortunately, mobile threats exist for shoppers whether they’re shopping in a store, or on a mobile device from the comfort of their own home or workplace.”

Top 10 Riskiest Shopping Malls for Mobile

According to industry statistics, 90 percent of shoppers used a mobile phone inside of a physical store to either look up product information, compare prices or check reviews online in 2015. But before pulling out their mobile phones, shoppers should beware of joining risky Wi-Fi networks while out shopping this holiday season. Malicious Wi-Fi are set up by cyber criminals specifically to steal shoppers’ data, while risky Wi-Fi networks are misconfigured and expose sensitive mobile data to hackers. Both are dangerous and put mobile shoppers at risk. The most popular data to steal are usernames and passwords. With that information, a hacker can then break into the shopper’s cloud accounts, corporate email and other systems, long after the visit to the mall.

Below is the list of the top 10 malls with highest number of suspicious Wi-Fi networks. All the shopping centers listed below were found to have five or more risky Wi-Fi networks. Shoppers can check for top mobile threats in any destination by visiting https://maps.skycure.com.

  1. Fashion Show, Las Vegas, NV
  2. Tysons Corner Center, McLean, VA
  3. Yorktown Center, Lombard, IL
  4. Town Center at Boca Raton, Boca Raton, FL
  5. Sawgrass Mills, Sunrise, FL
  6. Mall of America, Bloomington, MN
  7. Houston Galleria, Houston, TX
  8. King of Prussia Mall, King of Prussia, PA
  9. Westfield Garden State, Paramus, NJ
  10. Memorial City Mall, Houston, TX

Malicious Commerce Apps to Avoid

Black Friday mobile threats are not limited to malicious Wi-Fi, and Cyber Monday is no longer limited to using your work computer to buy at sale prices. One third of all ecommerce purchases during the 2015 holiday season were made on a smartphone. Hackers know that people are shopping for bargains around the holidays, and there are many ways to lure people with fake coupons or too-good-to-be-true offers. One way is to offer apps that look like they are from legitimate online stores, either designed to make shopping easier, or to offer discounts or rewards. Skycure researchers found multiple examples, including the following:

  • At least one instance of a repackaged Starbucks app. Repackaged apps look exactly like the official apps offered by legitimate retailers and other businesses, but have a small amount of malicious code added in.
  • An app called “Amazon Rewards” which is actually a trojan that spreads using SMS messages that fake Amazon vouchers with a link to a fake website. It accesses the user’s contact list so that it can send SMS messages to even more people.

Both apps are examples of ways that hackers use trusted brands and shoppers thirst for deals to infiltrate a mobile device, then steal user data, banking, and/or credit card information.

For the full Skycure report, go to: https://www.skycure.com/blog/holiday-shopping-may-hazardous-mobile-device/

Safety Tips for Shoppers

Skycure offered the following quick tips for mobile users traveling to high-risk destinations:

  • Avoid “Free Wi-Fi” networks (10 percent of malicious networks have the word “Free” in their name).
  • If you see a Wi-Fi that is named as if it is hosted by a store, but that store is nowhere nearby, don’t connect. Skycure found multiple networks named “Apple Store” or “Macysfreewifi” where the named stores were nowhere nearby. Remember that mobile devices automatically join “known” Wi-Fi networks without any user intervention.
  • Check for top mobile threats in any destination by visiting https://maps.skycure.com
  • Only download mobile apps from reputable app stores such as the Google Play store and Apple’s App Store.
  • Read the warnings on your device and don’t click “Continue” if you don’t understand the exposure.
  • Update your device to the most current operating system.
  • Disconnect from the network if your phone behaves strangely (e.g. frequent crashes) or you receive a warning notification.
  • If you see a suspicious app, text, or Wi-Fi network, your device acts strangely, or you’re not sure about something and need help, report it to security@skycure.com
  • Protect your device with a mobile security app like Skycure.

Download the free mobile threat defense app from Skycure, which detects and alerts you to malicious network attacks, suspicious networks, malware and vulnerability exploits. To download Skycure, go to: https://apps.skycure.com on your iOS or Android device, or go to the App Store or Google Play store and search for “Skycure”.

About the Mobile Threat Intelligence Report

The quarterly Skycure Mobile Threat Intelligence Report reviews worldwide threat intelligence data. For the shopping mall report, Skycure researched mobile threats and high-risk networks for the top shopping malls based on Leisure’s Most-Visited Shopping Malls list. Other information in today’s report is based on millions of monthly security tests conducted by Skycure from July through September 2016 and includes both unmanaged devices and those under security management in enterprise organizations. Data includes Skycure’s proprietary Mobile Threat Risk Score, which acts as a credit score to measure the risk of threat exposure for mobile devices. For organizations, Skycure condenses millions of data points to calculate a risk score so that IT can quickly discern the state of the overall system and the risk to each device. Skycure analyzes more than a million apps and conducts hundreds of millions of tests on networks worldwide every year.

For details and to learn more about how Skycure Mobile Threat Defense helps to protect organizations and prevent cyberattacks without compromising the mobile user experience or privacy, visit www.skycure.com.

About Skycure

Skycure is the leader in mobile threat defense. Skycure’s platform offers unparalleled depth of threat intelligence to predict, detect and protect against the broadest range of existing and unknown threats. Skycure’s predictive technology uses a layered approach that leverages massive crowd-sourced threat intelligence, in addition to both device- and server-based analysis, to proactively protect mobile devices from malware, network threats, and app/OS vulnerability exploits. Skycure Research Labs have identified some of the most-discussed mobile device vulnerabilities of the past few years, including Accessibility Clickjacking, No iOS Zone, Malicious Profiles, Invisible Malicious Profiles, WifiGate and LinkedOut. The company is backed by Foundation Capital, Shasta Ventures, Pitango Venture Capital, New York Life, Mike Weider, Peter McKay, Lane Bess, and other strategic investors.

Contact:

Chris Fucanan
AquaLab PR for Skycure
press@skycure.com
916-684-9781