Smartphones: Scammers New Playgrounds

From malware to fake Web sites, the increasing popularity of smartphones is making them more vulnerable to scammers. While the threat is not as prevalent as scams targeted at PCs, there are a rising number of attacks hitting iPhone and Android-based phones.

“The main threat is getting malware on your phone,” says Andrew Hoog, chief investigative officer at  ViaForesnics, a mobile and computer forensics company. “There’s more malware popping up in this particular space.”

Other attacks surfacing on mobile phones include text messages designed to charge users for premium services, fake Web sites created to capture sensitive data and hacking phones that are using an unsecure Web site, according to Hoog.

Despite people using their smart phones as mini computers, there is little concern over scams, creating the perfect breeding ground for attacks.  Before you fall victim, follow these simple steps:

Protect Your Data

One of the most common ways a mobile phone user’s information is compromised is when the device is lost or stolen.  Hoog suggests installing a passcode on phones to help keep any private or sensitive data secure and out of the hands of hackers.

For those seeking even more protection, Daniel Hoffman, chief technology officer at SMobile Systems, a mobile security company, suggest installing software that will lock a lost phone, attempt to locate it and do a remote wipe of all the data.  Some phones come equipped with this feature, but if not, the software is readily available for purchase online and in stores.

Surfing On a Secure Location

Although it’s hard for a hacker to capture your information over a Wi-Fi network it is possible, which is why Hoog suggests mobile phone users only browse through their carrier’s network or a secure Wi-Fi network, especially when conducting personal business like banking.

“With an untrusted network [scammers] can insert a fake Web site to redirect you,” he says.

Be Wary of Links Sent Through Texts, Email

A common scam that is currently circulating involves sending texts and e-mails from what appears to be a legitimate Web site when it’s really courtesy of a scammer looking to capture users’ data. This scam is harder to detect on smartphones because only a set amount of characters of a Web site’s address can be displayed, potentially tricking users into handing over sensitive information like Social Security numbers of bank account information. Hoog advises smartphone users skip clicking on any link sent to them and instead use their mobile phone browser to go to the site directly. Same goes for e-mail:  Don’t click on a strange link provided in an e-mail, go directly to a company’s Web site to check out the latest promotion.

Download Trusted Apps

There’s an app for pretty much anything nowadays, but unfortunately not every app is legitimate. While the companies try and monitor the apps available for their phones, they can’t catch every bad guy.

“Consumers need to understand that neither Apple (NASDAQ:AAPL) or Google (NASDAQ:GOOG) are doing any sort of extensive audit of the apps,” claims Hoog.  He advises consumers make sure the app is from a trusted source or one that has positive reviews or feedback before downloading it.

In the coming few weeks, ViaForensic is releasing free software that will act as an app watch dog service. The software will review the mobile apps and tell users if the app stores information securely and if it’s vulnerable to malware.

Get Protection

According to SMobile’s Hoffman, consumers need to treat their mobile phones just like their PC and install a suite of antivirus and security software.

“They need to have an antimalware solution especially if they are downloading apps, sharing data and inserting data cards,” says Hoffman.  He notes that while the free security software may protect mobile phone users to a certain extent, paying for an application will give you more protection.