Thursday, March 1, 2012

Spyware on smart phones

Spyware on smart phones



Forget what's in your wallet -- beware your smartphone. It's becoming one of your most dangerous possessions.

If your phone was stolen a few years ago, the thief could make prank calls and read your text messages. Today, that person can destroy your social life -- you said what on Facebook?! -- and wreak havoc on your finances.

Now that smartphones double as wallets and bank accounts -- allowing users to manage their finances, transfer money, make payments, deposit checks and swipe their phones as credit cards -- they are very lucrative scores for thieves. And with 30% of phone subscribers owning iPhones, BlackBerrys and Droids, there are a lot of people at risk.

"It's crazy the amount of information on that phone -- it's like carrying a mini-computer around with you, except that more people know the settings on their computer than they do on their phones at this point," said Nikki Junker, social media coordinator and victim advisor at Identity Theft Resource Center. "People are incredibly at risk as technology improves."

And mobile banking use is expected to soar by nearly 55% next year, according to recent data compiled by TowerGroup, a research firm for the financial services industry.

They found that while 17.8 million consumers used mobile banking last year, 27.4 million are expected to use it this year, and 53.1 million consumers are forecast to adopt it by 2013.

"We're now past the early adopters and starting to hit the early maturity phase," said George Peabody, director of emerging technologies at Mercator Advisory Group. "So much of our screen time is shifting from PCs to smartphones, and the banks want to be there and know they have to be there."
Google to power your mobile wallet?

In addition, the volume of mobile payments -- buying boots via Zappos iPhone app, for example, or paying bills -- is expected to climb to $214 billion by 2015, up from $16 billion in 2010, according to Aite Group, another financial services research firm.

And pay-by-phone is only going to get easier as our devices come embedded with Near Field Communication (NFC) devices that allow you to pay for your morning latte by waving your phone at the cash register.

Companies like Blaze Mobile and Bling Nation already let you pay major retailers by swiping your smartphone thanks to a sticker adhered to the outside of your phone. Meanwhile, an app created by mFoundry brings up an image of your Starbucks prepaid card barcode and lets you scan it in lieu of a credit card.

"A lot of players are now pushing to drive the contactless technology," said Gwenn Bezard, research director at Aite Group specializing in banking and payments. "While you're not going to wake up tomorrow and everyone is going to be using mobile payments, it's going to grow over the next years -- and from a very low base."

Watch your phone! Security attacks on smartphones climbed to an all-time high in 2010, according to AdaptiveMobile, an international mobile security firm. Specifically, attacks on Google's Android smartphones quadrupled, and smartphones running Java-based applications jumped 45%.

"Bad guys are following where the people are going -- and people are going to smartphones," said Peabody. "As smartphone prices continue to decline and even more people get them, that's definitely the new place for bad guys to go."

While storing a password and keeping your phone locked is a good start, it's not going to protect you from professional fraudsters.

"Don't think that having an initial password set on your phone can stop people from getting in there," said Junker. "It's a very low level of protection -- you can even find 30-second videos on how to crack smartphone passwords on YouTube."

If you use mobile banking or make online payments frequently, you should invest in anti-virus protection and check with your bank about any security or identity theft protection features that you can enable.

Most smartphones also offer remote wipe-out services -- like MobileMe for the iPhone -- that automatically erase the information on your phone if you claim it as lost or stolen.

If you bank with your phone by accessing its website rather than opening an app, be extra careful when typing in the address. Some identity thefts create domains with the same address as major banks with two letters switched in hopes a consumer will accidentally land on the site and enter their username and password, said Junker.

And make sure you immediately log out of any bank apps or sites where your financial information is stored as soon as you're finished. While your identity is still at risk if your phone is stolen, this will buy you time to wipe out your information as soon as you realize it's gone.

No comments: