Smartphone customers hold their carriers, not themselves, responsible for security. And it's this belief that may get them into trouble. A smartphone is essentially a mini-computer and needs the same protection as a PC -- and more.
Protection against SMS text phishing, spam, malware and rogue applications were the responsibility of carriers, according to respondents in a survey of 2,000 U.S. smartphone owners released last week by Adaptive Mobile, a mobile security firm. Fewer than one in five respondents used security software on their phones, but likely would not use their computers without it.
Bottom line: If the data reside with the carrier, such as account information, it is the carrier's responsibility to keep it secure. If the data is on the phone, the responsibility lies with the owner to keep it safe. However, carriers have made safeguards available to help their customers.
The most common security problem was spam. Nearly 40 percent of respondents said they had received unsolicited messages on their phones. Experts warn it will only increase as spammers turn from computers to smartphones.
It is impossible for carriers to determine whether or not customers have subscribed to receive texts from companies or if the messages are spam. However, the major carriers now allow customers to change their settings so their phones won't receive text messages from the Internet, where most spam originates. For unsolicited short codes, customers can reply with "Stop" in the body of the response to prevent future messages from that sender.
SMS text phishing
Spam with malicious intent, commonly known as email phishing, has been adapted to mobile phones. Called "smishing," this type of phishing occurs when a fraudster sends an SMS text message asking recipients to provide personal and/or financial information by either calling a number or visiting a false website through their phone's Web browser. The messages could appear to be from the user's carrier or other familiar businesses. The texts often contain alarming messages such as "Call immediately to discuss a recent restriction placed on your account" or lucrative job offers including "work from home" and "mystery shoppers." Fifteen percent of respondents reported receiving this type of text in the last year.
In addition to the steps to stop spam, smartphone users who encounter malicious messages should alert their carriers and the Federal Communications Commission. Earlier this year, Verizon filed a lawsuit against several companies accused of smishing and offers reimbursement to affected customers.
Scam by phone
Scammers still use good old-fashioned phone calls to fleece their victims. If you receive a call from someone claiming to be a relative or friend who is hurt or stranded in a foreign country and is asking for money, beware.
Don't panic. Take the information, but don't provide any in return such as a bank account number. Regardless of how believable the caller seems, call other family members to verify the emergency. Just last week, my mother-in-law sent thousands of dollars overseas to someone who posed as an injured grandson. The grandson in question was at home studying for exams, but by the time she called family, the money was gone.
Malware, rogue apps
Smartphone malware can enter a device in numerous ways, including downloading software from a link in a text or email or even over an unsecured Wi-Fi connection, but the perceived threat is bigger than the actual danger.
"Six percent of U.S. users report having been infected with a mobile virus in the last 12 months, well over the actual rates of under 1 percent," Adaptive Mobile said. "Subscribers are starting to suspect virus activity where none exists, adding to customer care costs for the carrier."
Apps are increasingly becoming the malware delivery method of choice. Last spring, Google's Android Market removed more than 25 apps after the latest DroidDream Android virus, which infected an estimated 30,000 to 120,000 phones. iPhone apps pose a much lower risk due to Apple's review process.
Carriers are taking the lead for apps available in their stores. For instance, Verizon has partnered with Lookout Security's Mobile Threat Network to protect its VCast Apps store, which sells more than 2,000 apps for Android and BlackBerry smartphones.
Stop risky behaviors
According to the survey, one in three subscribers, or 34 percent, would open an SMS text message and 28 percent would open an email message from someone they don't know on their mobile. Further, 40 percent would save log-in information such as passwords to their mobile. Passwords can be "sniffed" at unsecured Wi-Fi locations or fall into the wrong hands when a phone is lost.
Part of the problem is that people see mobile as a more trustworthy medium, the study found. They will take actions on it that they would not do on a PC.
But a smartphone is a computer and should be protected like one.
Ogden-based TopTenREVIEWS.com guides consumers by comparing products in the world of technology, including electronics, software and Web services. Have a question for TopTenREVIEWS? Email Leslie Meredith at email@example.com.