With the ability to have users bring work on the go, business email and documents can be accessed from a mobile phone, PDA, or other tablet solution. It is productive to have the ability to bring work home with you to keep up to date on all of your emails and documents. With such easy access to business information, attackers are moving towards attacking mobile devices as they do not have as strong of security features like a home or corporate network does, such as firewalls and antivirus. The first cell phone virus appeared in 2004 called Cabir.A and spread through Bluetooth. The virus did not complete any malicious activity, but was created to prove that they could gain access to the phone and its contents. By the end of 2005, Fontal.A was developed to lock up phones in startup mode and completely disable the phone. Fontal.A spread through internet download.
A cell phone virus is almost identical to a computer virus. A virus infects the local device and attempts to copy itself to other devices. The virus copies itself by using internet downloads, Multimedia Messaging Service (MMS) attachments and Bluetooth transfers. The infected files are hidden on the device under games, security patches, or other add-ons. These virus can copy address books, copy saved passwords, or log all internet traffic. This is extremely dangerous as many people view confidential documents, emails, or visit bank websites on their mobile devices.
Another mobile attack is called smishing. Smishing is like the traditional phishing attack, but instead of using emails it uses Short Messaging Service (SMS), also known as a standard text message. These messages imitate as if they were being sent from a bank or being affiliated with a lottery sweepstakes asking customer to contact them about the pressing issue or reward. The victims are often asked to call a toll-free number and provide such information as account information and passwords to a fake automated system. This information can then be used to perform some type of fraud.
There are ways you can to protect yourself against these types of attacks. It is important to not accept all available Wi-Fi network connections as it can be dangerous if an attacker is staging an attack against all users on the network. You should only connect to a Wi-Fi connection if you know the network is secure. Avoid mobile applications that broadcast your physical location. This may be leaking information to an attacker that can be used to stage different types of attacks at a later time. Disable the auto-discover and listening functionality of Bluetooth on you mobile device. Only turn this feature on when connecting a new device. Then turn it off. And finally, do not respond to text messages that ask for financial or personal information. The lottery also does not send text messages to "potential" winners. If you have any doubts of how creditable the message is, follow your gut. Think before you act. Do not just click any link or download any application without first thinking, is it safe and secure?
Reference
1.) 21 Mar. 2011. “BBB: Bureau warns against cell phone smishing.”OA Online. <http://www.oaoa.com/articles/phone-62196-cell-new.html>
2.) Layton, Julia. “How Cell-phone Viruses Work.” How Stuff Works. <http://electronics.howstuffworks.com/cell-phone-virus1.htm/printable>
No comments:
Post a Comment