The agency – which was launched in October 2005 with the backing of several government departments, and the support and sponsorship of several companies – says that smartphone fraud has become big business for online criminals.
According to GSO, smartphone users are getting a nasty surprise when they see their monthly bills, discovering that they have run up huge phone bills for premium-rate text messages they did not send. This, the agency says, is just one of the latest scams being used by online criminals to profit from the recent boom in smartphones and mobile web applications (apps).
Francis Maude, the government's minister for cybersecurity, said that more and more people are using their smartphone to transmit personal and financial information over the internet, whether it is for online banking, shopping or social networking.
“This latest research from GSO shows that 17% of smart phone users now use their phone for money matters and this doesn’t escape the notice of criminals. So while accessing the web via a mobile device can be fun and save time, it’s important to be vigilant. This week, we are encouraging everyone to take a few moments to visit www.getsafeonline.org and make sure they follow the right advice for using mobile devices securely and safely”, he explained.
GSO says that fraudsters are using online app stores to entice smart phone users to download rogue apps, adding that, by masquerading as `free levels' to popular and legitimate online games - or even as security tools - these rogue apps disguise malicious software (malware) which the user unwittingly downloads at the same time.
Rik Ferguson, a director for GSO and head of security research with Trend Micro, said that this type of malware is capable of sending a steady stream of text messages to premium rate numbers.
“In some instances we've seen one being sent every minute. With costs of up to £6 per message, this can be extremely lucrative. The user won't know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device's `back end' infrastructure. This can often continue for weeks before being noticed”, he said.
“With users now installing and removing apps with increasing frequency, the chance of encountering a rogue app is much higher. Smart phone security, such as anti-virus or anti-malware software, is available but not widely deployed. Soon it will need to be commonplace”, he added.
Former high-tech crime investigator and GSO managing director Tony Neate, said that smartphones are now at as much risk from fraud as their computer and laptop counterparts, and represent big business for online criminals.
“These devices are essentially mini laptops with a wealth of personal information. Eighteen months ago, our primary concern was users not having secured the handset properly, giving fraudsters easy access to our data if it fell into the wrong hands; the majority of malware was relatively trivial”, he said.
“That has shifted and today there are clear signs of serious criminal intent to defraud users; we are seeing smart phones targeted by sophisticated and lucrative malware scams with increasing frequency and severity”, he added.