HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 4 MINUTES AGO.
You are here: Home / Mobile Tech / Mobile Malware Uses SMS Toll Fraud
Security Firm Warns of Mobile Malware SMS Toll Fraud
Security Firm Warns of Mobile Malware SMS Toll Fraud
By Mark Long / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
07
2012

Criminals are targeting mobile phone users with malware capable of billing unsuspecting victims through premium SMS services as well as invading the device user's privacy by accessing personal information, according to Lookout, a producer of mobile security software based in San Francisco.

The likelihood that any given Android-based mobile device contains malware or spyware is heavily dependent on geographic location -- from 0.02 to 0.04 percent in Japan and the United States to 41.6 percent in Russia. What's more, "people who download apps outside of trusted sources like Google Play have a higher likelihood of encountering malware," Lookout Mobile Security's research team said in a blog post.

The FakeInst family of toll fraud malware has already succeeded in stealing millions of dollars from mobile-device owners since October 2011, and accounted for 82 percent of all mobile malware detected worldwide by Lookout in June of this year. FakeInst games the app ecosystem by leveraging the built-in phone billing system known as Premium SMS.

"In general, when someone texts a specific number, or 'short code' to order a service, the content is delivered, and a fee appears on their phone bill," noted the authors of Lookout's new State of Mobile Security 2012 report. "Lax premium SMS regulation in certain geographies -- including Eastern Europe and Russia -- creates an environment in which toll fraud can be a viable business."

Proactive Privacy Management

According to Lookout, 5 percent of free Android mobile apps currently contain one or more aggressive ad networks with the ability to access the device user's personal information or display confusing ads. "In addition, a number of high-profile iOS applications raised red flags about privacy issues this year," Lookout's report says.

The good news is that American handset users are becoming more proactive in managing the personal content that resides on their phones. For example, 54 percent of U.S.-based mobile app users surveyed by the Pew Internet & American Life Project said they had decided not to install a mobile app because of the personal information they would need to share, and with 30 percent saying they had uninstalled a mobile app after learning that the software was collecting personal information about them.

"The way a mobile application handles personal data is a feature that many cell phone owners now take into consideration when choosing the apps they will use," said Pew Internet Project Research Associate Mary Madden on Wednesday.

Still, Lookout warns that mobile malware distribution techniques are diversifying, which means that mobile phone users will need to be even more vigilant going forward.

"Attackers are using a combination of new and existing distribution techniques, including e-mail spam, hacked Web sites that enable drive-by-downloads and affiliate-based marketing," the authors of Lookout's new report wrote.

Smartphone Users More Vigilant

According to Pew's new study, 31 percent of the U.S. mobile phone users overall reported having experienced the loss or theft of a mobile device in the past, and rising to 45 percent among users between the ages of 18 to 24. Additionally, 12 percent of respondents overall -- as well as 24 percent aged 18-24, indicated that others had accessed their handsets in ways which made them feel that their privacy had been violated.

Among smartphone owners, 59 percent of the Pew survey's respondents said they regularly back up their mobile phone content, and with 50 percent periodically clearing their mobile browsers browsing or search history. By contrast, only 21 percent of feature phone owners reported backing up phone contents and only 14 percent have cleared their handset's browsing or search histories.

"The wealth of intimate details stored on smartphones makes them akin to the personal diaries of the past -- the information they contain is hard to replace if lost, and potentially embarrassing in the wrong hands," said Pew Internet Project Research Associate Aaron Smith.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN MOBILE TECH
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
The FBI is pointing the finger of blame for the Sony Pictures cyberattack directly at North Korea. The hackers stole confidential data and caused the movie giant to can its new comic film, "The Interview."

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.