What other safety tips should I take note of?
Whether you are an Android or Apple user, the experts advised people to ensure that their device’s operating system, apps and security software are kept up to date, as updates often include security patches that protect against vulnerabilities.
Users should review hyperlinks from text messages or emails before clicking on them. Suspicious links could lead users to unofficial app stores where malicious apps can be downloaded, said Mr Lo.
He also advised people against writing down passwords on their phones’ note-taking apps as a security practice.
“This is a risky practice that could compromise their information,” added Mr Scheurmann.
A man who recently lost more than S$40,000 (US$29,600) in CPF savings to a malware scam told CNA that he suspects the scammer had accessed his passwords and other login details in a note-taking app on his phone.
Users may consider using password managers which are secure and encrypted tools that will store all their passwords in one place, said Mr Lo. “It generates strong, unique passwords for each account and automatically fills in passwords when users need to log in,” he added.
What should I do if my phone is affected by malware?
If your phone is affected by malware, experts recommend that you disconnect the device from the internet, either by turning off Wi-Fi and mobile data or by enabling airplane mode.
“This will prevent the malware from communicating with its command-and-control servers and further spreading or causing harm,” said Mr Wilcox.
Next, attempt to boot your device in safe mode to disable third-party apps temporarily. Go through your list of installed apps to identify if any of them could be suspicious or contain malware.
“Pay attention to apps with generic names, misspellings, or unauthorised app store icons,” said Mr Wilcox.
After uninstalling the suspicious apps, install mobile security software from a trusted source to do a final scan of any remaining malware viruses.
“As a last resort, reset factory settings. This should only be done if the malware is quite resilient, as this will affect all the device’s previously-stored data,” said Mr Scheurmann.
As your credentials could have been accessed by bad actors through malware, you should also reset your passwords.
Following a malware infection, you should take note of any warning signs of identity theft, such as any failed login attempt emails or missing mail, said Mr Scheurmann.
If there are any unknown activities or financial transactions, you should suspend your bank accounts as soon as possible.