AVG (AU/NZ) Continues its Series of Security Hints and Tips for Business

Melbourne, 5 May 2010.  Today’s smartphones are, to all intents and purposes, miniature laptops. Many of the latest generation of smart phones run applications concurrently, just as their big brothers, the netbooks, do. Social networks have expanded exponentially at the same time, and those networks are spawning applications by the thousand every day. Facebook now has more than 400 million users and a million of those users are writing Facebook applications. Many of these apps will run happily on a mobile phone, and in fact are being demanded by mobile phone users.

While the phones themselves are rarely hit by viruses or worms (yet), they can help to spread malware when connected to a network, just like USB drives. Hackers and criminals have also been known to use text messages to direct unsuspecting users to infected web sites, according to Lloyd Borrett, Marketing Manager at AVG (AU/NZ).

“These messages, supposedly from a legitimate company, may try to convince you to visit a malicious web site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you may be lured into providing personal information or downloading a malicious file,” Borrett warns.

Other risks with smartphones relate to downloading content. Borrett’s advice is for companies to warn employees not to download games or other unnecessary applications onto business-owned phones, just as they should not download such applications onto their work computer.

“There are many sites that offer games and other software you can download onto your cell phone or PDA.  This software could include malicious code. Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.”

Aside from e-mail and web access, other ways criminal code could gain access to a mobile device is via the wireless networking technology known as Bluetooth. Borrett’s advice when it comes to Bluetooth is to ensure employees know to keep it switched-off when it is not needed.

“Make sure that you take advantage of the security features offered on your device,” Borrett says. “Attackers may take advantage of Bluetooth connections to access or download information from your phone. Disable Bluetooth when you are not using it to avoid unauthorised access.”

Smartphones are also increasingly being used for purchasing goods and services, which makes them a primary target for cyber thieves. According to AVG’s chief research officer Roger Thompson, “Viruses have, and will continue, to make it onto mobile devices from time to time. Just last month, we had a couple of iPhone viruses (or, more correctly, worms), but a virus is really only a virus if it spreads, and the malicious software we’re going to see infecting mobile devices will be much more subtle than your typical virus.”

Mobile malware will log keystrokes and snoop out user ids and passwords from mobile devices, according to AVG’s Thompson. “There will also be malware that transmits information about our browsing habits to its masters, who will use that information to decide what ads to serve us,” he says. “It’s quite likely that the more nefariously-inclined will build up databases of background information about us, to be used to profile us for future criminal activity.” Please feel free to read more of Roger’s thoughts on this topic at http://thompson.blog.avg.com/2009/12/virus-migration-from-desktop-to-mobile.html.

The Australian government web site “Stay Smart Online” www.staysmartonline.gov.au explains you can tell if your mobile phone has been infected with malicious software, if:

• there is a sudden large increase in your phone bill with no clear reason

• your phone has e-mails and messages in the sent folder that you did not send, or

• the user interface has changed without you taking any action to change it.

If you notice any of those things, you should contact your mobile phone manufacturer and/or phone company for instructions on how to remove the malicious software. 

For more information on securing your mobile phone, please visit http://www.staysmartonline.gov.au/secure_your_mobile_phone.
See also the following blog entries by AVG CEO J.R. Smith:

• Mobile World Congress – Vision in Action
  (http://jrsmith.blog.avg.com/2010/02/mobile-world-congress—vision-in-action.html)
• How will smart phones and social networking affect cybercrime? (http://jrsmith.blog.avg.com/2009/12/how-will-smart-phones-and-social-networking-affect-cybercrime.html)

About AVG (AU/NZ) Pty Ltd — www.avg.com.au

Based in Melbourne, AVG (AU/NZ) Pty Ltd distributes the AVG range of Anti-Virus and Internet Security products in Australia, New Zealand and the South Pacific. AVG software solutions provide complete real-time protection against the malware, viruses, spam, spyware, adware, worms, Trojans, phishing and exploits used by cyber-criminals, hackers, scammers and identity thieves. AVG protects everything important and personal inside computers — documents, account details and passwords, music, photos and more — all while allowing users to work, bank, shop and play games online in safety. AVG provides outstanding technical solutions and exceptional value for consumers, small to medium business and enterprise clients. AVG delivers always-on, always up-to-date protection across desktop, and notebook PCs, plus file and e-mail servers in the home and at work in SMBs, corporations, government agencies and educational institutions.

AVG products actively protect over 110 million users worldwide, including more than 4.6 million users in Australia and New Zealand.

AVG (AU/NZ) has more than 3300 resellers across Australia, New Zealand and the South Pacific.