Mobile device users should be aware of an alarming rise in malware targeting smartphones and tablets, according a press release Friday by the U.S. government’s Internet Crime Complaint Center (IC3). The IC3, a partnership between the FBI and National White Collar Crime Center, alerts users that the same security precautions that are recommended for traditional PCs and Macs should also be taken with their mobile devices.
Of particular concern to the IC3 is the recent propagation of the Loozfon and FinFisher malware. Loozfon, which targets Android-based devices and is spread by email, seeks to steal user data and tricks users into installing it by pretending to include information about a lucrative work-at-home opportunity. Once a user clicks the link provided in the email, a compromised web site automatically downloads and installs the malware which accesses the contact information from the device’s address book.
FinFisher — which targets multiple mobile platforms including Android, iOS, BlackBerry, Symbian, and Windows Mobile — gives cyber criminals the ability to track and control a user’s mobile device remotely. Like Lozfon, FinFisher is also spread by tricking users into visiting compromised websites.
The IC3 makes it clear that these are just two examples of the many forms of security threats that have emerged to target mobile devices, and the organization lists tips for protecting mobile device hardware and user privacy, including deactivating nonessential features, using device encryption, installing anti-malware software, disabling location services, not connecting to unknown wireless networks, keeping up to date with security and firmware updates, and not clicking on links from unknown sources.
While the majority of mobile malware has thus far targeted the open Android platform, users of devices from all companies should be cautious as the use of mobile devices continues to occupy more of our time and those with malicious intent work to exploit that fact.