“When you whip out your smartphone to transfer money, deposit a check, or “tap” it on an electric reader to buy milk at your local 7-Eleven, do you ever wonder how secure it is?
The good news is, using your phone as a “mobile wallet” is largely considered safe. In fact, some experts argue the security of mobile payments is on par with online banking, with the added layer of password protection.
But that isn’t a license to throw caution to the wind. A February report by McAfee (which sells anti-virus software) found a whopping 20 million new pieces of “malware” — aka: malicious software — in 2010, a trend expected to surge in 2011 as cyber criminals catch up with the latest mobile technologies.”
Posts tagged “Mobile security”
“Every day cybercriminals and hackers are launching increasingly sophisticated, targeted attacks. In its Internet Security Threat Report, Volume 16, Symantec Corp. finds that, in addition to an increase in targeted enterprise attacks, mobile attacks are on the rise and hackers are increasingly using Java as a way into your network. Symantec identified more than 286 million new threats in its report, chronicling incidents between Jan. 1, 2010 and Dec. 31, 2010.
“While we didn’t see the number of attacks this year really grow, what we did see was a 93% increase in the number of web-based attacks. People tend to think of attachments in email, and if you click on that attachment, you’re going to get infected, but the real growth area, where they’re moving, is into Web sites,” says Kevin Haley, director at Symantec Security Response.”
From CIO Insight
“Encryption has long been a mainstay of securing mobile data, but that measure assumes that the main threat comes from the outside. Today, however, the main mobile security threat is the user, cautions John Herrema, senior vice president of corporate strategy at Good Technology, and encryption doesn’t counter that threat.
“In the ‘there’s an app for that’ world we now live in, the greatest threat comes from the 100 percent well-intentioned end-user who is simply trying to be more productive and get more work done, more quickly,” Herrema writes in a post at VentureBeat.”
From Fierce CIO
“Pandora’s Android app transmits a plethora of personal information to third parties after all, at least according to an analysis done by security firm Veracode.
The company decided to do a follow-up on the news that Pandora—among other mobile app makers—was being investigated by a federal grand jury, and found that data about the user’s birth date, gender, Android ID, and GPS information were all being sent to various advertising companies.”
From Ars Technica
“Scotland Yard’s inquiry into allegations of phone hacking by the News of the World took a dramatic turn on Tuesday as the paper’s chief reporter, Neville Thurlbeck, and its former assistant editor Ian Edmondson were arrested on suspicion of conspiring to intercept mobile phone messages.
The News of the World until recently insisted that the only phone hacking carried out on behalf of the paper was by a “rogue reporter”, Clive Goodman, and the only other arrests linked to the long-running saga took place in 2006, when Goodman, the News of the World’s former royal editor, and two associates were arrested.
Suppressed evidence of further phone hacking was not revealed until a Guardian investigation in July 2009.”
From The Guardian
“The online radio service Pandora has received a subpoena from a federal grand jury investigating whether popular smartphone applications share information about their users with advertisers and other third parties.
Pandora said it shared information with third parties to help it track how users interact with the service and to deliver targeted advertising. But the company, based in Oakland, Calif., said it was “not a specific target” of the grand jury investigation.
The disclosure comes at a time of mounting concern about Internet privacy and growing unease about the vast amounts of personal information that companies are scooping up online — from Web browsing habits to smartphone locations to Facebook preferences — and then mining to direct advertising.”
From The New York Times
“A favorite pastime of Internet users is to share their location: services like Google Latitude can inform friends when you are nearby; another, Foursquare, has turned reporting these updates into a game.
But as a German Green party politician, Malte Spitz, recently learned, we are already continually being tracked whether we volunteer to be or not. Cellphone companies do not typically divulge how much information they collect, so Mr. Spitz went to court to find out exactly what his cellphone company, Deutsche Telekom, knew about his whereabouts.”
From The New York Times
“Smartphones are getting pretty clever these days but it is unlikely they will outwit the cybercriminals as fraudsters increasingly go mobile.
Last week Android Market, the shop front for applications aimed at Android smartphones, was hit by around 60 malicious apps.
It is thought that they did little real damage other than to Android’s reputation, but the incident put the issue of mobile security back in the headlines.”
From BBC News
“Almost one third of internet users in the European Union caught a PC virus despite the majority having security software installed, statistics show.
Viruses were most prevalent in Bulgaria and Hungary, the survey of 30 countries reveals.
The 2010 figures, released by the EU’s statistics office to mark Internet Safety Day, show the safest countries were Austria and Ireland.”
From BBC News
“Smartphones running Android try to prevent the sort of viruses and Trojans that plague PCs by carefully walling off which of the phones’ features and data applications can access. But one team of researchers has demonstrated that a clever piece of malware can listen through the walls–literally.
Six researchers at Indiana University and the City University of Hong Kong have created a proof-of-concept program called Soundminer that’s capable of using a phone’s mic to listen out for credit card numbers. When a user either speaks or types their credit card’s digits into the phone, Soundminer parses the audio file, interprets the numbers, and sends them to another app that passes them on to a remote server.”