Cellphones and PDAs | Associated Security Risks | Defending Against Attacks

Page content

Attackers can use various different methods in attempt to “hijack” your cellphone or PDA. They can steal your personal information, misuse your service, put your privacy in danger, etc. Here are some common ways in which this can happen:

Enticing You to a Malicious Website

PDAs and cell phones are often targets of phishing scams where an attacker can create a fake website that may appear to be a legit online banking website and when you visit, the malicious code runs and does its job. Attackers also send text messages to cell phones, supposedly from a legitimate company, which may try to convince you to visit a site where you may be enticed into providing personal or sensitive information or download malware infected files.

Using Your Cell Phone or PDA in an Attack

When an attacker attacks and gain control of your service, your cell phone or PDA becomes a “zombie” phone or “zombie” PDA, which will be used to attack others. It helps the attacker in hiding his or her identity and increasing the number of targets.

Gaining Access to Your Account Information

Most modern phones allow users to perform certain transactions such as paying for utility and credit card bills and more. An attacker, who successfully gains access to a phone, may be able to read your personal account information then misuse or sell it.

Abusing Your Service

The number of text messages you can send or receive is often limited in cell phone plans and an attacker can spam you by sending a message, which can incur your extra charges. An attacker can phreak your service, which means he or she will be able to use your service, without you knowing about this, while putting all the costs on you.

What Can You Do To Protect Yourself From Attacks?

Evaluate Your Security Settings

Most phones come with security options that should be used to enable the most appropriate security settings for your phone. For example, Bluetooth-enabled phones can be attacked by sending a malicious signal, so you should keep Bluetooth turned off when not using it. Also, use other security features offered by the phone such as Tracker, Buetooth security, keypad lock, PIN security features, GSM SIM locking, etc.

Be Careful about Posting Your Cell Phone Number and Email Address

If you have a blog or contribute on online forums, be careful when you put your email address or cell phone number on the sites. Attackers use software that browses the Internet for random email and phone numbers, which then become targets for attacks.

Be Aware of Phishing

URL links sent in email and text messages that might appear to be a legitimate website (facebook.com, ebay.com, for example) could take you to another site where a malicious code awaits. Be wary of URLs sent in unsolicited email and text messages.

Be Cautious When Downloading Software

You can download games, wallpapers, software and many more things off the Internet to your phone or PDA. Keep in mind that many websites have malicious code-infected software. Avoid downloading anything from a site that you do not completely trust. To be 100% sure, first download the files to your PC, scan them with an antivirus program and then copy them to your phone/PDA.