Smartphone Users Wise Up About Device Security
For the first time in history, data security is more important to U.S. smartphone users than call quality, according to a new report from Adaptive Mobile, a mobile security firm. Of the 2,000 U.S. smartphone owners surveyed, a whopping 90 percent said that they would change carriers if they found an unexpected charge on their bill.
Smartphone customers hold their carriers, not themselves, responsible for security. SMS text phishing, spam, malware and rogue applications were cited by at least 36 percent of the respondents as being the responsibility of their carriers. In fact, fewer than 1 in 5 respondents use security software on their phones, but would not run their computers without protection.
“It wasn't until recently that people started realizing that the phone in their pocket is actually a mini-computer, and with that change, people will have a different relationship with their carrier,” Kevin Mahaffey, co-founder and chief technology officer for Lookout Mobile Security, told TechNewsDaily.
If the data reside with the carrier, such as account information, it is the carrier’s responsibility to keep it secure. If the data is on the phone, the responsibility lies with the owner to keep it safe. However, carriers have made safeguards available to help their customers.
“As far as we've seen, the carriers take security extremely seriously and are taking steps to help keep their users secure,” Mahaffey said. “In fact, we're already working with three of the four major carriers.”
The most common security problem mentioned by survey respondents was spam, cited by 37 percent of the respondents who said they had received unsolicited messages on their phones. Experts warn it will only increase as spammers turn from computers to smartphones.
“Simply put, there are more connectivity avenues with smartphones,” said Sean Ryan, a research analyst for mobile enterprise at IDC. Smartphones offer the convenience of email, SMS (text-based Short Messaging Service) and MMS (Multimedia Messaging Service), which is used to send images between cellphones.
It is impossible for carriers to determine whether or not customers have subscribed to receive texts from companies or if the messages are spam. However, at least two carriers now allow customers to change their settings so their phones won’t receive text messages from the Internet, where most spam originates from. For unsolicited short codes, customers can reply with "Stop" in the body of the response to prevent future messages from that sender.
SMS text phishing
Spam with malicious intent, commonly known as email phishing, has been adapted to mobile phones. Called “smishing,” this type of phishing occurs when a fraudster sends an SMS text message asking recipients to provide personal and/or financial information by either calling a number or visiting a false website through their phone’s Web browser. The messages could appear to be from the user’s carrier or other familiar businesses. The texts often contain alarming messages such as “Call immediately to discuss a recent restriction placed on your account” or lucrative job offers including “work from home” and “mystery shoppers.” Fifteen percent of respondents reported receiving this type of text in the last year.
In addition to the steps to stop spam, smartphone users who encounter malicious messages should alert their carriers and the Federal Communications Commission. Earlier this year, Verizon filed a lawsuit against several companies accused of smishing and offers reimbursement to affected customers.
Malware and rogue applications
Smartphone malware can enter a device in numerous ways, including downloading software from a link in a text or email or even over an unsecured Wi-Fi connection, but the perceived threat is bigger than the actual danger. “Six percent of U.S. users report having been infected with a mobile virus in the last 12 months, well over the actual rates of under 1 percent,” Adaptive Mobile said. “Subscribers are starting to suspect virus activity where none exists, adding to customer care costs for the carrier.”
Apps are increasingly becoming the malware delivery method of choice. Consumers expect apps downloaded from their phones to be malware-free, but this hasn’t always been the case. Last spring, Google's Android Market removed more than 25 apps after the latest DroidDream Android virus, which infected an estimated 30,000 to 120,000 phones.
Verizon has partnered with Lookout Security's Mobile Threat Network to protect its VCast Apps store, which sells more than 2,000 apps for Android and BlackBerry smartphones.
For U.S. smartphone users, the biggest eroder of trust is personal data being compromised, a concern cited by 54 percent of survey respondents. Carriers keep sensitive customer data, including contact information, credit card numbers and Social Security card numbers, a windfall for identity thieves.
Keeping customer data safe is the responsibility of the carrier, and the government is currently circulating at least three bills that would impose fines on companies who do not comply with safety measures. Under one bill, consumers who have been harmed by a data breach could seek damages of $10,000 per day, up to a maximum of $20 million per violation.
Stop risky behaviors
According to the survey, 1 in 3 subscribers, or 34 percent, would open an SMS text message and 28 percent would open an email message from someone they don’t know on their mobile. Further, 40 percent would save log-in information such as passwords to their mobile. Passwords can be “sniffed” at unsecured Wi-Fi locations or fall into the wrong hands when a phone is lost.
Part of the problem is that people see mobile as a more trustworthy medium, the study found. They will take actions on it that they would not do on a PC. But a smartphone is a computer and should be protected like one, security experts say.
“We always recommend that consumers set a passcode on their device. You'd be surprised how few people do this,” Mahaffey said. He also advises users to install a security app that protects against malware and spyware, and use discretion when downloading applications.
- 7 Security Tips for Smartphone Users
- Banned! Top 10 Apps That Got Zapped
- 9 Safe Ways to Bank Online with Your Smartphone