How secure is your smartphone?

Published on the 05/05/2010 | Written by Newsdesk


With staff increasingly mobile and mobility applications burgeoning, security threats are becoming as real on smartphones as they have been for some time on PCs. Being aware is the key to staying clean…

Today’s smartphones are, to all intents and purposes, miniature laptops. Many of the latest generation of smart phones run applications concurrently, just as their big brothers, the netbooks, do. Social networks have expanded exponentially at the same time, and those networks are spawning applications by the thousand every day.

Facebook now has more than 400 million users and a million of those users are writing Facebook applications. Many of these apps will run happily on a mobile phone, and in fact are being demanded by mobile phone users.

While the phones themselves are rarely hit by viruses or worms (yet), they can help to spread malware when connected to a network, just like USB drives. Hackers and criminals have also been known to use text messages to direct unsuspecting users to infected web sites, according to Lloyd Borrett, Marketing Manager at anti-virus provider AVG A/NZ.

“These messages, supposedly from a legitimate company, may try to convince you to visit a malicious web site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you may be lured into providing personal information or downloading a malicious file,” Borrett warns.

Other risks with smartphones relate to downloading content. Borrett’s advice is for companies to warn employees not to download games or other unnecessary applications onto business-owned phones, just as they should not download such applications onto their work computer.

“There are many sites that offer games and other software you can download onto your cell phone or PDA.  This software could include malicious code. Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.”

Aside from e-mail and web access, other ways criminal code could gain access to a mobile device is via the wireless networking technology known as Bluetooth. Borrett’s advice when it comes to Bluetooth is to ensure employees know to keep it switched-off when it is not needed.

“Make sure that you take advantage of the security features offered on your device,” Borrett says. “Attackers may take advantage of Bluetooth connections to access or download information from your phone. Disable Bluetooth when you are not using it to avoid unauthorised access.”

Smartphones are also increasingly being used for purchasing goods and services, which makes them a primary target for cyber thieves. According to AVG’s chief research officer Roger Thompson, “Viruses have, and will continue, to make it onto mobile devices from time to time. Just last month, we had a couple of iPhone viruses (or, more correctly, worms), but a virus is really only a virus if it spreads, and the malicious software we’re going to see infecting mobile devices will be much more subtle than your typical virus.”

Mobile malware will log keystrokes and snoop out user ids and passwords from mobile devices, according to AVG’s Thompson. “There will also be malware that transmits information about our browsing habits to its masters, who will use that information to decide what ads to serve us,” he says. “It’s quite likely that the more nefariously-inclined will build up databases of background information about us, to be used to profile us for future criminal activity.” Please feel free to read more of Roger’s thoughts on this topic at http://thompson.blog.avg.com/2009/12/virus-migration-from-desktop-to-mobile.html.

The Australian government web site “Stay Smart Online” www.staysmartonline.gov.au explains you can tell if your mobile phone has been infected with malicious software, if:

  • there is a sudden large increase in your phone bill with no clear reason
  • your phone has e-mails and messages in the sent folder that you did not send
  • the user interface has changed without you taking any action to change it.

If you notice any of those things, you should contact your mobile phone manufacturer and/or phone company for instructions on how to remove the malicious software.

Post a comment or question...

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

MORE NEWS:

Processing...
Thank you! Your subscription has been confirmed. You'll hear from us soon.
Follow iStart to keep up to date with the latest news and views...
ErrorHere