Modern mobile phones and Smartphones bring a significant convenience to people’s lives over and above simply making phone calls and sending text messages, but in recent times these devices have been targeted in increasing numbers by malicious users who would seek to gain control of a device or steal the information stored on it. Exercising due care and attention is important, but it is becoming evermore essential to treat a mobile in the same way as you could a desktop or notebook computer, and ensure that sufficient security is installed to act as that vital second-tier of protection. Here we’ll look at the common threats posed to handhelds and explain how this software can help.
Viruses and malware
Perhaps the biggest concern to mobile users is that of viruses and malware that can infect a device. This is usually because these programs are well crafted to appear “hidden”, while going about their business of stealing data and/or sending it on to third parties.
There’s little doubt that malware-based threats to mobiles are on the rise –recent reports suggest that in 2010 these increased 250% over the previous year, and they vary quite wildly in the type of damage they can inflict on a device.
The recent DroidDream malware exploited vulnerabilities in Android devices and posted the IMEI and IMSI codes (used to identify a specific phone being used on a specific network, and where this network is located) along with the version of the operating system. This seemed to be more of an information gathering exercise and was stopped in its tracks early on – Google subsequently removed all offending software from its servers and mobile phones that had installed it.
More dangerous are strains such as Zeus-in-the-mobile, which is designed to silently retrieve SMS messages to a remote server without the user’s knowledge, steal bank information and approve transactions without permission.
It goes without saying that avoiding such malware would be at the top of the list for modern mobile phone users, and the need for a software-based solution to help detect and eliminate strains has never been more essential.
How can security software help?
Security software on a mobile phone can help eliminate viruses and malware in a similar way to a desktop or notebook computer. Security vendors are used to staying one step ahead of the game, offering regular updates as new strains are discovered. A phone can benefit from this same experience using a mobile form of security that can scan for viruses or spyware, and if any are detected they can be instantly deleted or quarantined.
In addition, a mobile-based Firewall offers greater control over application access permissions and can help prevent malware from reaching the device in the first place, or at least from doing any further damage until it is removed.
As with computer-based security, both of these tools are essential to prevent attacks and can offer piece of mind that the work being done by security vendors to counter malicious threats is benefiting your handheld device as well.
Spam and junk messages/e-mails
Just as with computers, mobile phones are subject to unwanted messages that can range from frustrating to potentially dangerous. In addition, one annoyance that is more unique to mobiles is that of unwanted calls, and with mobile phone numbers being used increasingly as contact details for companies when filling in online or offline paperwork we could soon see an increase in this behaviour as well.
How can security software help?
A security suite that offers a spam filter should allow you to add phone numbers to a “blacklist” – a database of contacts that are blocked from contacting a phone. This can also be used to block SMS messages, and help to ensure that you’re not bothered by unwanted third parties more than once.
Loss or theft
Loss or theft of a device is always a possibility –recent research from the BBC indicates that around 2% of British mobile phone users have reported a theft in the last year, leading experts to predict that around 228 mobile phones are lost or stolen every hour. In the past this was more of an inconvenience (albeit with potential financial implications) that a quick call to your mobile provider to arrange a replacement could solve, but with modern phones effectively being labelled as “miniature computers”, many users are now at much greater risk.
If a phone has been used to access the internet, perform online transactions, carry out bank payments or check an account and send and receive email, there could be a raft of sensitive information such as passwords, login details and more stored on a device that could then be used by a third party. In theory at least, losing a mobile phone could be far more dangerous than losing a wallet or credit card.
The main issue with this situation is that many users may believe they have simply misplaced their phone, leaving it in another location that may be potentially secure, such as a friends house or the office, or perhaps somewhere in their own home. Locating the device is obviously important, but until a user is sure that a device has been stolen or that it is irrecoverable, they may be leaving a mobile active and potentially in the wrong hands for long enough for a malicious user to grab all the information they need.
How can security software help?
This is one area where a modern security suite is particularly effective and can offer significant peace of mind even if a phone has simply been misplaced. Smartphones can be controlled remotely by sending action requests to the device to run software or activate certain features.
Some security suites offer a range of “tiered” requests that can activate certain features on the device to protect a phone, or even help you find it.
The first thing that would be useful when simply misplacing a phone is to remotely activate an audible alarm that can help you find a device in the immediate vicinity. If the phone can’t be heard, the next step would be to lock it remotely so that it requires a password for entry. This way you can be sure that anyone who comes across the handheld can’t just enable it and start searching through your personal data.
It’s even possible to locate a phone that has built-in GPS on a standard map. GPS will be switched on remotely and the software will triangulate the phone’s location, offering accuracy up to a few feet.
Finally, if a phone has been missing for long enough to assume that it is stolen, it’s possible to wipe key data from the device to prevent it from getting into the wrong hands.
Since all of these features are offered through a software interface on a desktop computer or webpage, it’s reassuring to know that even if you can’t get to your phone, you can still safeguard it from afar.
With these tools in your arsenal, you can make it extremely difficult for a thief to gain access to the data stored on a handheld, both indirectly through infection by malware or if they are in physical possession of the device. Since security suites are now commonplace on computers and most users wouldn’t think of using one without sufficient protection, it’s important that this awareness carries through to mobile devices as well, and sooner rather than later.