PLDT and Smart urge internet users to protect themselves against embedded malware even on legitimate websites. PLDT and Smart’s Cyber Security Operations Group (CSOG) say that even without the user’s knowledge, these malicious codes can initiate the download of harmful files in a ‘drive-by download’ attack.
“Once downloaded, these embedded malware exploit the vulnerabilities of your device, allowing cybercriminals to steal your personal data, create disruptions, or take control of your credentials,” warned Angel Redoble, FVP and chief information security officer of PLDT and Smart.
These malicious files can lurk even on legitimate websites without detection. Users can trigger an attack from embedded malware simply by visiting the site. Outdated applications or software are especially vulnerable to drive-by downloads.
To protect yourself against stealthy attacks, CSOG suggests doing the following actions to secure your devices:
- Regularly update your web browser and operating systems to ensure that your device is running the latest security patches.
- Uninstall and delete applications you are not using to prevent them from being exploited by malware.
- Carefully read and review security pop-ups before clicking them.
- It’s best to use an administrator account when installing programs on your computers.
- Keep your antivirus up to date.
PLDT and Smart have been ramping up efforts to protect customers from cyber-attacks. In March alone, PLDT and Smart blocked more than 1.7 billion attempts to open malicious domains. CSOG has also thwarted more than 1.2 billion cyber-attacks and data breaches against its network and assets in the same time frame.
The PLDT Group’s information drives that help develop a culture of cybersecurity are part of its broader mission of elevating the quality of customer experience by protecting them from falling victim to cyberattacks and threats.