Even with all the good news lately regarding spam, with Thanksgiving days away and Christmas around the corner, we can all safely assume cyber-criminals will be hard at work.
For the rest of us, that means having up-to-date security software and malware protection. But with the popularity of smartphones such as the BlackBerry and Apple iPhone 3G on the rise, it may be time for consumers to start thinking about securing these devices as much as their desktops and laptops.
According to the latest Mobile Market View, a consumer study of U.S. mobile phone users conducted by The Kelsey Group with research partner ConStat, almost 19 percent of mobile users now use a smartphone. Among those surveyed, more than 49 percent plan to purchase an advanced mobile device in the next two years. The survey was conducted in October and included responses from 512 mobile phone users aged 18 and older.
While security vendors have been sounding the alarm around mobile malware for some time, the idea of a massive mobile malware attack has lived largely in the realm of the theoretical. Compared with the threats to PCs, the amount of malware in the wild targeting mobile devices remains relatively small.
With that in mind, Gartner analyst John Girard noted that what consumers should be more concerned about is smartphones being lost or stolen.
“Most of the carriers offer smartphone data security and backup/restore services,” Girard said. “There is value in them.”
Security vendors are trying to tackle this problem in their own way. Kaspersky Lab, for example, includes a number of anti-theft features in its Kaspersky Mobile Security offering. In the event of loss or theft, a user can send a hidden SMS (Short Message Service) message to block access to the phone until a preset password is entered. A similar feature can also wipe the phone’s memory.
While smartphone theft or loss may be the bigger threat, the presence of malware targeting mobile phones suggests the saber-rattling by security vendors may be for good reason. Take, for example, the polymorphic worm WinCE.Pmcryptic.A, which targets smartphones running Windows CE platform on ARM processors. As described by Symantec, the worm does little in the way of actual damage, but forces the phone to dial premium rate numbers.
Other threats such as WinCE.Infomeiti steal information. That particular worm, which targets the Windows CE platform and Windows Mobile 5.0, only works on devices with a default language of Simplified Chinese.
Though the threat landscape in North America doesn’t seem to have caught up to the hype just yet, security vendors are placing their bets that the tide will turn soon. A number of security vendors besides Kaspersky make products for smartphones, from McAfee and Symantec to smaller companies like ESET.
So while the immediate threats faced by mobile users remain nowhere near those faced by PC users, you may end up buying security software for your smartphone a few months from now anyway.