TECHNOLOGY: June 05, AU Edition

sonyericsson.jpgCALL BAITING
Mobile phone phishers will always have Paris, writes Chris Cobb. Will they have you too?
Paris Hilton may have unwittingly provided us a glimpse of a new technology menace when telephone numbers from her personal address book appeared on the Internet in February, after her mobile phone was apparently hacked.
It appears as though she may have company in the not-too-distant future, Internet security experts say.
The proliferation of ‘smart’ phones, which are mobile phones with the brains of a personal computer, means users increasingly will confront the same risks as desktop and laptop Web surfers and e-mailers – including spam, worms, viruses and phishing.
Phishing, an e-mail ploy to trick computer users into revealing personal data such as credit-card numbers and passwords, has grown dramatically in the past year to become the scourge of the wired world.

The number of phishing messages jumped dramatically in the second half of last year – 300 percent to 1,000 percent by various counts – and the total continues to grow, says Alfred Huger, senior director of engineering for Symantec Security Response, a Cupertino, Calif., maker of anti-virus software and other security products.
The cost of phishing scams to consumers and corporations – estimated by one expert at several billion dollars – is hard to determine precisely because financial institutions are reluctant to provide such sensitive data, but phishing is on the increase and becoming more sophisticated.
‘The low-hanging fruit has been swept up’, Huger says, ‘but people are having success at it. More people are coming into the game.’
Phishing hasn’t shown itself to be a serious threat yet on mobile phones, but it may be just a matter of time.
‘As more financial applications, like shopping and banking, become accessible on mobile phones, they will be targeted by hackers,‘ says Stephen Cobb, a St. Augustine, Fla., information-security expert and author.
Along with the threat of phishing, mobile phone users likely will have to deal with worms and viruses, which could steal private information, delete files or worse, experts said.
‘It hasn’t happened yet, but when it hits it, it could hit spectacularly’, says Richard Ford, a research professor at the Center for Information Assurance at Florida Institute of Technology.
‘One nasty cell-phone virus could bring down an entire network.’
One bright spot is the diversity of operating systems in the smart-phone arena. Unlike the PC world, where Microsoft Windows is the dominant OS, the mobile sector is home to several distinct OS.
‘That makes it more challenging for hackers’, says Philip Marshall, an analyst for the Yankee Group, a tech research firm. ‘They can’t attack as many systems with a single virus. They have to modify the virus for different phones.’
Wireless-industry officials said steps are being taken to try to head off such problems.
‘We’ve learned from all the worm and virus attacks on PCs, and we’re aware of what can happen,’ said Eric McGee, spokeswoman for Cellular Telecommunications and Internet Association, a Washington, D.C., trade group.
‘The problem will get worse before it gets better’, says Stephen Cobb.
‘The consumer has been sold the Web as a wonderful place to bank, shop and meet with friends, but without appropriate disclaimers as to the dangers.’
‘Phishers exist off the gullibility of the average user.’