AIRFORCE INSTITUTE OF TECNOLOGY
CYBER SECURITY
INTRODCUTION TO ANDROID SECURITY – STUDY MATERIAL, DECEMBER 2021
We often use our android devices today without bothering about our information and privacy being
compromised by attackers or hackers. As we speak, some of us don’t even have an antivirus software
installed on our phones. It is very possible for our phones to get hacked through our social media
accounts most especially WhatsApp and even Instagram and sometimes email.
Our phones can be attacked through so many ways. Some of them include,
1. Shoulder Surfing
2. Social Engineering
3. Phishing
4. Use of malware (Backdoors and key loggers)
1. Shoulder Surfing
Shoulder surfing is a way of spying on a person to obtain information. Shoulder surfing is the
easiest form of android hacking. It involves the hacker spying on the user by standing behind and looking
over the shoulder of the person using the phone, for the purpose of gathering login credentials,
passwords and other sensitive information. Shoulder surfing is not only applied in phones. It can also be
applied at the ATM where the attacker uses the same spying process to look at the pin of the user.
NOTE: Anyone can be an attacker.
2. Social Engineering
Social Engineering is the ability of an attacker to manipulate a person to perform certain acts as
a means to trick a user into giving out information. The attacker tries to trick sensitive information out of
the victim by exploiting his or her weakness in their life, home and even their jobs. One of the methods
of perpetrating social engineering in a company or organization is through Human Foot printing
Human Foot printing involves gathering information about an employee. And that can be done
by searching the internet, getting website information about the organization, gathering information
about the employees, dumpster diving and so on
After the attacker gathers enough info about the organization. He finds a vulnerable target or person.
Particularly one that is emotionally disturbed or angry or even mentally fragile. A target with these
qualities can give out sensitive information so easily. After finding the target, the attacker establishes a
pleasurable interpersonal relationship between him and the target in order to facilitate trust between
them. And once that is done, the attacker can effortlessly gain information from the target.