En español | Today's smartphones are really pocket-size computers, capable of browsing the Web, sending messages, making online purchases, managing bank accounts, taking photos and much more. But while most people use security software on their computers to keep sensitive information safe, very few have security software installed on their smartphones. In fact, one recent report says only 4 percent of smartphones and tablets are protected against viruses, device theft and data loss. And if criminals and mischief-makers don't attack your cellphone, it could still be at risk. According to a poll by Norton Security publisher Symantec, 34 percent of Americans report losing a phone, putting passwords and personal information at risk. It's time to fight back.
See also: Privacy & security how-to guides.
A Growing Threat
While there are potential security problems on any portable device, most recent attacks have targeted phones running the Android operating system. Android-based smartphones are outselling Apple, BlackBerry and Windows 7 models, which makes them a tempting target. And the system for distributing phone apps for Android is particularly vulnerable to abuse.
Apple maintains strict control over what's offered in the iTunes App Store — Google doesn't supervise the Android Market. As malware researcher Tim Armstrong of Kaspersky Labs explains, "From Google's point of view, there is no app review whatsoever — they don't scan apps, they don't vet at all. Basically I could write a malicious app this afternoon, set up an account for about $25 on the Android Market and be selling it within minutes."
It's relatively easy to create a program that will infect your system with malicious code. A hacker can download a perfectly innocent app from the Android Market, add the nefarious payload, then upload the newly created malware back to the Market with a slightly different name and make it available to the public.
What are the bad guys trying to achieve? The biggest money-making scam is making your phone sign up for an expensive subscription SMS text messaging service without your knowledge. You'll never know what happened until your next bill arrives with whopping extra charges tacked on. There are other exploits as well. A hacker could install an unseen program that sends him a copy of all your input, including passwords and other personal information, or send a message to everyone on your contact list, or view your personal photos or track your location.
While this kind of attack has been possible for years, it's only now becoming widespread. According to a report from security software firm Lookout, Android users were two and a half times more likely to encounter malware in June than they were in January, and the problem continues to increase.