How to Fraud-Proof Your Smart Phone

by Cesar Bacani, 22 December 2009

0 comments

Facebook

Digg

Twitter

topics:
Security Technology

tags:
bots Conficker F-Secure PCCW virus worm

Like many finance professionals, I depend on my iPhone for virtually all communication needs, not only for phone calls but also for sending and receiving email, maintaining contact directories, catching up on business news and e-books, and checking stock prices. In the office and at home, I rely on personal computers to get work done and, increasingly, social networks like LinkedIn and Facebook to keep in touch with business contacts.

Which is why a press briefing I recently attended was personally disturbing. “In 2010, we’re expecting to see more iPhone attacks,” said Wing Fei Chia, senior security response manager at the Asia Pacific unit of F-Secure, a Finnish anti-virus and Internet security tools provider. The malicious Duh worm, which tries to turn iPhones into a botnet in order to obtain financial information, was discovered in November. F-Secure expects attacks on other smart phones, including those running on Android and Maemo.

F-Secure also forecasts more intrusions into social networks such as Facebook, Twitter, Myspace, and LinkedIn as hackers seek detailed personal information for fraudulent schemes and launch spamming and denial-of-service attacks. Facebook now has 350 million accounts, a concentration of people and data that is very tempting to cyber-criminals.

And Conficker, which Wing considers ‘The Worm of 2009,’ is still out there in the wild. F-Secure warns that various versions of the worm have infected at least 6 million computers worldwide. No one knows who the perpetrators are and what they plan to do – Conficker has yet to cause mass disruptions. “But imagine controlling more than 6 million bots,” says Wing. “What damage can be caused?”

Mobile Phone Tips

Fortunately, only ‘jailbroken’ iPhones – meaning devices that have been modified to allow it to download applications from non-Apple sites such as Cydia and Rock App – are vulnerable to the current worm. But that doesn’t mean that devices that have not been tampered will remain safe in the near future. F-Secure recommends the following steps to protect your IPhone:

Enable password protection to prevent unauthorized access.
Keep your phone updated. Install the latest firmware update when it becomes available.
Keep your connections (Bluetooth, WiFi) off when not in use.
Deactivate JavaScript, block pop-ups and reject or delete cookies.
Use an application that would securely encrypt and store your passwords.
Regularly backup the data on your mobile phone.
Always keep your phone close to you.

Do not jailbreak your iPhone. Jailbreaking is different from SIM unlocking, which is the process of making the device compatible with telephone networks that the phone was not specifically licensed to use. Jailbreaking allows the iPhone to download applications not available on Apple’s official distribution system through such installers as Cydia, Rock App, Icy and Installer.
If your iPhone is jailbroken, you can still protect yourself by changing the default SSH root password using the aforementioned unofficial installers.

Do’s and Don’ts on the Net

Katherine Kwan, vice-president, Product Development & Management, Consumer Group, at Hong Kong telecom company PCCW, was also at the briefing. “Cyber attackers are getting more sophisticated by leveraging on the new vulnerabilities created from the latest Internet usage behaviours,” she warns. These include being connected online most of the time, engaging in peer-to-peer downloads, explosion of social networking usage and online use by children.

Comment on this article

Accounting and Regulations

CFO innovation Asia Accounting and Regulation the Asia Pacific resource center for senior finance executives, daily news, analysis, best practice and case studies in Accounting Regulation, IFRS, US GAAP, Tax, investor relations, corporate governance, Corporate Law, Financial Regulators, Internal Audit, Audit, Corporate Law.

Auditing, Investor Relations, Law and Compliance, Tax

Finance and Banking

CFO innovation Asia, Finance and Banking the Asia Pacific resource center for senior finance executives, daily news, analysis, best practice and case studies in Corporate Finance, trade finance, treasury and risk management, capital expenditure, Banking, mergers and acquisitions

Cash and Liquidity Management, Corporate Finance, Insurance, Treasury Management

Management

CFO innovation Asia the Asia Pacific resource center for senior finance executives, daily news, analysis, best practice and case studies in Finance Management, Corporate Governance, Human Resource Management, Compensation and Benefits, Mergers and Acquisitions, Professional Development, Corporate Real Estate, Risk Management, Budgeting and Forecasting, Business Process Management, Business Process Reengineering, Outsourcing.

Budgeting and Planning, Business Expense Management, Human Capital Management, Outsourcing and Shared Services, Risk Management

Metrics

Corporates, Financial Services

Technology

CFO innovation Asia Technology the Asia Pacific resource center for senior finance executives, daily news, analysis, best practice and case studies in Finance Systems, Business Intelligence, EPR, Accounting software, CRM, Cloud Computing, Telecommunications, Business Process Outsourcing, Business Process Management Software.

Business Intelligence, Enterprise Software and Systems, Financial Systems, Security

CFO innovation ASIA