Smartphone users are getting a nasty surprise when they see their monthly bills, discovering that they have run up huge phone bills for premium-rate text messages they did not send. This is one of the latest scams being used by online criminals to profit from the recent boom in smart phones and mobile web applications (apps), according to the safe computing body GetSafeOnline.org….
Minister for Cyber Security Francis Maude said: โรรบMore and more people are using their smartphone to transmit personal and financial information over the internet, whether itโรรดs for online banking, shopping or social networking. This latest research from Get Safe Online shows that 17% of smartphone users now use their phone for money matters and this doesnโรรดt escape the notice of criminals. So while accessing the web via a mobile device can be fun and save time, itโรรดs important to be vigilant. This week, we are encouraging everyone to take a few moments to visit www.getsafeonline.org and make sure they follow the right advice for using mobile devices securely and safely.โรรน
Fraudsters are using online app stores to entice smart phone users to download rogue apps, says Get Safe Online, the UKโรรดs national internet security initiative. Often masquerading as โรรฒfree levelsโรรด to popular and legitimate online games, or even as security tools, these rogue apps disguise malicious software (malware) which the user unwittingly downloads at the same time.
Once downloaded, this malware enables fraudsters to take control of the victimโรรดs phone, allowing them to make calls, send and intercept SMS and voicemail messages, and browse and download online content. This enables them to gain access to all personal and payment data available on the phone – which can then be sold onto and used by identity fraudsters – and to โรรฒspamโรรด other mobile web users to commit further fraud.
In this latest scam, fraudsters are using this access to repeatedly send SMS messages to their own premium-rate services. Often the victim is unaware anything is wrong until they see their phone bill, or their network provider identifies โรรฒsuspiciousโรรด activity – by which time the fraudsters have moved on to other victims. These premium-rate SMS message scams are stealthier than previous premium-rate call scams because they do not โรรฒtie upโรรด a victimโรรดs phone line and are able to hide any suspicious activity from the user.
Rik Ferguson, director for GetSafeOnline.org and of security research at Trend Micro, says: โรรบThis type of malware is capable of sending a steady stream of text messages to premium rate numbers – in some instances weโรรดve seen one being sent every minute. With costs of up to £6 per message, this can be extremely lucrative. The user wonโรรดt know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the deviceโรรดs โรรฒback endโรรด infrastructure. This can often continue for weeks before being noticed.โรรน
Recent activity indicates fraudsters are capitalising on the boom in smart phone use; 59 per cent of current users acquired their device in the last 12 months. This is coupled with the higher bandwidth and โรรฒunlimitedโรรด web access now standard with many mobile network contracts, which has facilitated the increasing popularity of mobile apps – over a fifth (22pc) of British mobile phone users are downloading new apps at least once a month, according to research released by GetSafeOnline.org.
โรรบWith users now installing and removing apps with increasing frequency, the chance of encountering a rogue app is much higher. Smartphone security, such as anti-virus or anti-malware software, is available but not widely deployed. Soon it will need to be common placeโรรน, adds Ferguson.
Former high-tech crime investigator and managing director of GetSafeOnline.org, Tony Neate, says: โรรบSmartphones are now at as much risk from fraud as their computer and laptop counterparts, and represent big business for online criminals. These devices are essentially mini laptops with a wealth of personal information. Eighteen months ago, our primary concern was users not having secured the handset properly, giving fraudsters easy access to our data if it fell into the wrong hands; the majority of malware was relatively โรรฒtrivialโรรด. That has shifted and today there are clear signs of serious criminal intent to defraud users; we are seeing smart phones targeted by sophisticated and lucrative malware scams with increasing frequency and severity.โรรน
Get Safe Onlineโรรดs advice for avoiding rogue apps includes:
โรยข Unfortunately rogue apps can appear in legitimate app stores as well as unofficial online stores, so itโรรดs important to be extra vigilant when downloading new apps and to monitor your phone for any unusual activity?โรยข Always check reviews and ratings as well as developer information before downloading a new app?โรยข Malware can cause a lot of surreptitious activity on your phone, so battery performance might be a clue. If your battery suddenly starts draining really fast, consider that it might be a malware problem ?โรยข Make sure to check your phone bill online periodically – more often than once a month, that way you can keep tabs on any suspicious activity
Get Safe Online is working with PhonepayPlus, the UKโรรดs premium rate phone regulator, in addressing the risks posed by rogue apps. PhonepayPlus has taken action against apps which maliciously charge consumers without their knowledge or consent and has recently issued a consultation on draft industry guidance on tackling this issue.
For more information visit the Get Safe Online website.
