Mobile Malware Threats to Rise in 2013

A report from mobile security specialist Lookout projected SMS-based spam would increase in volume across mobile networks in 2013.

Web-based mobile threats, such as phishing links or malicious Websites, continue to be the most prevalent and relevant risks to smartphone users, and are only expected to grow in 2013, according to mobile security specialist Lookout Inc.'s "2013 Mobile Threat Predictions," a forecast that identifies mobile threats people and businesses may face in the coming year.

Globally, at least 18 million Google Android users will encounter mobile malware from the beginning of 2012 to the end of 2013, the report found. Additionally, the global likelihood of a new Lookout user encountering a mobile threat, such as malware or spyware, is .84 percent on average from June to October 2013. The U.S. likelihood remained low at .40 percent in October 2012. About four in ten people encountered a Web threat over the course of 2012, the report noted.

Nearly three-quarters (72 percent) of all of Lookout's malware in 2012 was categorized as toll fraud, or the theft of long-distance service by an unknown third party. Lookout predicted this class of fraud would continue to dominate mobile threats in 2013 despite improvements made on the Android platform.

"Toll fraud is the easiest and least technical path to monetization and provides considerable ROI [return on investment] that is built into most mobile networks via pre-existing billing channels," the report said. "In addition, while more recent versions of Android devices [such as Jellybean 4.2] provide updated protection against premium SMS [Short Message Service] abuse, older versions of Android remain vulnerable."

The report projected SMS-based spam would increase in volume across mobile networks in 2013, and would begin actively collecting contact and other personal information from infected devices. To protect against mobile malware, Lookout issued a set of recommendations, such as downloading a security app that scans the apps a user downloads for malware and spyware, helps locate a lost or stolen device, and protects the user from unsafe Websites.

Other recommendations include reviewing the monthly phone bill statements for suspicious charges, exercising caution about granting applications access to personal information on the phone or letting the application have access to perform functions on the phone, and disabling settings (such as debug mode) that can open a device up to illicit access.

Lookout also offered tips for businesses on how to keep their organizations safe from mobile malware. The guidelines included helping employees understand the threats and risks in the wild so that employees can take action to safeguard their phones, and ensuring that every phone, personal or business, is protected with a mobile security software that finds malware, scans apps, and locates and remotely wipes the device.

"In 2012, smartphones and tablets managed countless aspects of our personal, public and business lives, giving attackers more incentives to strike," Kevin Mahaffey, Lookout co-founder and chief technology officer, said in a statement. "In 2013, people and businesses will be more aware of the risks to their mobile devices than ever. Trust is one of the most important factors determining if people will use their devices to the fullest potential. Our mission is to ensure that people have the confidence they need to conduct their personal and business lives in the mobile era."