The Threat of Malware on Your Phone is Small, But Losing Your Device is a Bigger Concern

smart-phone_securityJudging from the crowded shelves of mobile security software, you’d think that there’s been an explosion in smart phone threats. Not exactly. According to a recent survey by PhoneFactor IT, only 16.6 percent of IT professionals surveyed said they considered mobile malware to be the greatest threat (nearly a third give desktop threats precedence). SMobile Systems, a company whose security software is tailored for mobile devices, reports that the rate of infection for its customers is only 1 in 63.

These numbers, while not alarming, indicate phone security should be taken seriously.


Should You Be Afraid?

Mobile threats are out there and becoming more prominent, but in the U.S. they’re hardly commonplace. Even the companies that sell mobile security software are quick to clarify that while there is malware for phones, it’s not as big a security risk as leaving your phone in a taxi.

Sean Sullivan, a security advisor who specializes in smart phones for F-Secure, says that while trojans and worms are growing problems in markets such as Europe, Americans don’t have much to worry about on that front—yet. “If you think about the PC side six years ago, that’s where we are with mobile phones now, except with mobile phones there’s a wider variety of platforms,” he said. “It won’t evolve as quickly as with PCs.”

Daniel Hoffman, executive vice president and chief technology officer at SMobile Systems, agrees that malware isn’t the biggest threat facing users. But he argues that the risks created for phones are likely to be particularly dangerous. Such threats include spyware that allows calls, e-mails, and text messages to be intercepted.

Hoffman also pointed out that users might be more susceptible to phishing attacks on mobile browsers, if only because less sophisticated smart phones render Web pages in a simplistic way. This can make it more difficult to tell a legitimate site from a phony one.

However malicious the threats are by design, Carl Howe, director of Anywhere Consumer research for the Yankee Group, agrees they’re few enough in number for the carriers to manage. “To date, we have not seen evidence that it’s a significant challenge for most phone platforms or on most carrier networks,” he said. “It’s really more theoretical than reality.”

smart-phone_security_3Sizing Up the Platforms

Analysts agree every OS is vulnerable—albeit, some more than others. According to Howe, the BlackBerry OS—while not perfect—is the least penetrable, while Android is one of the most porous.

“[Android] is all open source: anybody can get access to anything if they work hard enough at it,” he said.

Howe added that BlackBerry has another leg up on security: Only an authorized person (an IT manager, for example) can remotely wipe the device. iPhone users can do this themselves, a policy that Howe believes leaves the phone more vulnerable.

Not all mobile browsers are created equal, either. Although many, including those native to the Android, iPhone, and Palm webOS, are built on the WebKit architecture, each platform implements these standards differently. For instance, F-Secure’s Sullivan notes that the iPhone’s Safari browser has truncated links (meaning you might see ellipses in the middle of a long URL where characters should be), which can make phishers’ jobs easier.

smart-phone_security_1But SMobile’s Hoffman says people overestimate BlackBerry’s security. “When people think about all the security around BlackBerry, it’s really around the BlackBerry Enterprise Server, even though most devices are not managed by them,” he said. “And the BlackBerry Enterprise Server isn’t really about security; it’s about limiting what you can do with the device.”

In the end, all mobile platforms might be safer than the desktop, because most employ some form of sandboxing, a quarantining for malware. “They don’t let code go out and wander around the phone,” Howe said.

Your Own Worst Enemy

While most U.S. smart phone users don’t have to lose sleep over trojans and other malware, Howe and other security experts say users are still likely to reveal sensitive data stored on their phone—and mostly through fault of their own. According to Howe, hundreds of thousands of people leave their phones in cabs every year.

F-Secure’s Sullivan said the problem is that we rely too heavily on apps which keep us logged into our e-mail accounts, social networking profiles, and a host of other services. “It’s very easy to pick up the device, tap on the e-mail account, and boom—you’re in their primary e-mail account,” he said. “They don’t realize putting [the phone] down to get a cup of coffee somewhere [means] they’ve given other people keys to the kingdom.”

The obvious solution is common sense. Create a passkey for your phone, and use the settings to adjust how much idle time passes before it locks. Purchasing an extra layer of security, however, can allow you to remotely lock and wipe your device. Before you plunk down any money, you might be best off simply using common sense.

According to SMobile’s Hoffman, users’ indiscretion—everything from loudly reciting a social security number on a public phone call to letting passersby peek at on-screen text—can pose a security threat. In addition to keeping your voice down in public, he recommends investing in a shield for your smart phone’s screen.

Takeaways

Mobile attacks are real, and no smart phone platform is completely impenetrable. The good news? The odds of getting hit by a mobile worm or trojan are fairly low. The bad news? The chances that your phone will get lost or stolen, exposing your sensitive data to the world, are incredibly high. Even if you take the risk of mobile malware, spyware, and viruses with a grain of salt, consider investing in additional security software to make it easier to remotely back up, lock, and wipe your device.

LEAVE A REPLY
Name*
Email* (will not be published)
Website
*Indicates required field
Comments*
Submit Comments

FIND A REVIEW
Laptops
All Product Types Accessories Cars Digital Camcorders Digital Cameras eReaders GPS Laptops MP3 & Video Players Projectors Smartphones Software Storage Tablets / MIDs VoIP Wi-Fi
All Subcategories
All Subcategories All-Purpose Budget Business Desktop Replacement Gaming Multimedia Netbook Nettop Rugged Student Tablet PCs Ultraportable
Brand
Acer Alienware Apple Archos ASUS Averatec BenQ CTL Corp. Dell Digital Storm eMachines Emtec Everex Fujitsu GammaTech Gateway General Dynamics Getac Gigabyte Hercules HP HTC iBuyPower Intel Lenovo MSI Nokia Nvidia OCZ OLPC OQO Origin Panasonic Sager Samsung Sony Sylvania Systemax TabletKiosk Toshiba Verizon Viewsonic Viliv VooDoo Workhorse PC ZT Systems
Minimum Rating
Any Rating 4.5 Stars 4.0 Stars 3.5 Stars 3.0 Stars
Screen Size
10 11 12 13 14 15 16 17 18 20 4 5 6 7 8 9
Resolution
1024x576 1024x600 1024x768 1200X800 1280 x 720 1280x1024 1280x768 1280x800 1366x678 1366x768 1440x1050 1440x900 1600x768 1600x900 1680x1050 1680x945 1920x1080 1920x1200 800x400 800x480
Weight Range
10.1 - 12.0 pounds 12.1 - 14.0 pounds 14.1 - 16.0 pounds 2 lbs 2 pounds and under 2+ lbs 2.1 - 4.0 pounds 4.1 - 6.0 pounds 6.1 - 8.0 pounds 8.1 - 10.0 pounds Over 16 pounds Under 2 pounds
more options
SUBSCRIBE