What Are the Risks of Mobile Spam?

Tuesday, June 05, 2012

Robert Siciliano

37d5f81e2277051bc17116221040d51c

Spammers send unwanted emails or texts that are both annoying and frightening. Most spam messages are useless advertisements selling stuff you don’t need or want.

In 1995, 8,069 unique pieces of malware were detected. One out of 20 emails were spam, and the Melissa virus infected hundreds of thousands. By 2010, 54 million unique pieces of malware were detected and more than 90% of all email was spam.

SMS spam (or spam via texting) is so prevalent today because those sending it are often scammers using robocall techniques that sequentially dial numbers in any area code and extension. An online search for “mass sms software” turns up plenty of free and low-fee programs that facilitate mass texting.

Also, when you enter your mobile number on a website you might end up clicking a terms of service agreement where you allow the company to send you text advertisements. And entering your information on a mobile app is no different. If you are not careful, you could unknowingly be opening yourself up to spam from the app and any third parties they work with.

While spam is mostly annoying, it can also pose some risks to you. You could even be tricked into paying for products and services that turn out to be illegitimate or nonexistent. Spam can also be used to distribute Trojans, spyware, and exploit code that can infect your mobile device or steal your information.

To protect yourself from SMS spam, you should:

Unsubscribe to unwanted text messages – Try to reduce the amount of marketing lists that have your mobile number, If you haven’t signed up to receive text messages from an organization and don’t recognize the sender, don’t open the text or unsubscribe from the list, since this lets the spammer know that your phone is active. The best thing to do is just delete the message.

Protect your mobile phone number – Don’t give your mobile number to companies or people you don’t know. And, if you do need to give out your mobile number, make sure you should understand the company’s privacy policy to see if your information is being shared with any third parties.

Use great caution when opening attachments - Never open unsolicited business emails, or attachments that you’re not expecting—even from people you know.

Watch out for phishing scams. Don’t click on links in text messages. Instead, open your mobile browser and visit the site directly.

Do not reply to spam. Never send your credit card information, Social Security number, and other private information via email or instant message.

Watch your permissions – Make sure you know what information your apps have access to as you may be allowing them to send you text messages by just downloading the app. Read the reviews and privacy policy for the app.

Taking the time to practice some simple steps will help protect you against the risks of spam.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Possibly Related Articles:
11759
Viruses & Malware
Information Security
SPAM scams malware Mobile Devices Smart Phone Text Messages SMS Permissions Mobile Applications
Post Rating I Like this!
Default-avatar
Maureen Robinson The article summarizes very well the greatest risks people are exposed to while using mobile devices and the best methods to protect themselves from being exploited. You can read further about understanding behavior and unknown vulnerabilities in mobile and social environments here: http://blog.securityinnovation.com/blog/2012/05/understanding-behavior-and-unknown-vulnerabilities-in-mobile-and-social-environments.html
1339503006
5e402abc3fedaf8927900f014ccc031f
Allan Pratt, MBA Excellent reminder, Robert!
1339553933
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.