Does Your Mobile Have Spyware on It?

You have a mobile phone, you might think it’s pretty safe, but what you might not realize is that these devices can have spyware on them. Keep in mind, many of the “signs” listed below are everyday normal phone behaviors. But combined, might mean spyware. Here are some of the signs:

Unusual Background Noise

While common, humming, static, or other weird noises could be a sign that someone is tapping your line. Though all phones might have strange noises from time to time, you should check if there are other signs if you notice them. This is especially the case if you hear them when your phone is not in use.

Short Battery Life

Also common, another sign of a hacked phone is a short battery life. If you notice that your battery is suddenly losing power, it’s possible that there is malicious software running in the background. But don’t panic….yet.

Try Shutting it Down

If something seems weird with your mobile phone, try shutting it down. Watch how it reacts when you shut it down. Phones that have been hacked often won’t shut down correctly or never shut down, even though you tell it to. Still, a common issues with mobiles.

Look for Suspicious Activity

If you notice something suspicious, like your phone turning on or off by itself or apps getting installed or deleted, someone might have hacked it. Other suspicious signs that someone has hacked your phone include strange text messages that contain random letters or numbers. You might see pop-up ads or other issues, too.

Check for any Electronic Interferences

Though it might not be uncommon to get interference from other electronics, such as a computer, another phone, or even a television, it shouldn’t happen if you are not on a call. If it does, it could be a sign of something malicious, for instance, someone listening in on your phone calls.

Look at Your Phone Bill

If your phone bill shows more text or data usage than you typically use, it might be a sign that your mobile phone is hacked. Things like spyware can cause your data to rise, and this could definitely cause your bill to rise. However, keep in mind, if you just downloaded a new app, this could be the cause of your data usage. Also, make sure that no one in your home is using the data, such as your kids, who are notorious for this.

Use Caution when Downloading New Apps

Finally, when you download a new app, make sure they are safe. Most apps from the App Store or Google Play are safe, but occasionally, a malicious app will sneak in. If an app asks for access to your contact list, call history, or address book, use caution.

If you ever suspect spyware, back up your apps and reset the device back to factory then reinstall everything. Keep in mind, unless an iPhone is “jailbroken” spyware is unlikely. But with Androids, spyware is serious. Install antivirus on Androids.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Spyware sold on the Open Market

You’ve heard of spyware, right? Spyware comes in the form of a virus and as a commercially available and legal software. It’s illegal for a stranger (or even someone you know, unless they own the device, and you just use it) to install spyware on your computer or smartphone and spy on you.

2WHowever, many parents—perhaps you yourself—use this very same technology to keep tabs on their kids’ computer and smartphone activities. And it’s perfectly legal to do so. It’s referred to as domestic surveillance. And frankly, if you have a 12 year old daughter with a mobile phone, it’s not a bad idea to know what she’s up to and who she’s chatting with. If you have a 14 year old boy you definitely want to know what he’s up to because I was 14 once and dang, I was up to no good!

There are many clever apps that can monitor your kids’ online activities. Depending on their features these apps can do anything you order them to upon installation, including track where your children are in physical space, monitor their text messages, videos and photos sent and received, calls made and received and sometimes even the websites they visit. For parents, this may provide a significant degree of insight and peace of mind.

There are two versions: One lets the user know it’s running by showing an icon, and one that, while running, does not let the user know it (the second version is great for parents—but also precisely what a criminal wants).

Outside of parental monitoring, this kind of technology is considered “spyware,” though the vendors who promote these applications market them as smart ways of remotely watching over your kids.

You can clearly see how this kind of app can be abused: installed on, for instance, an ex-lover’s device. You can see those worms slithering out of that opened can. However, parameters regarding what’s legit and what’s illegal with these kinds of apps have not been universally spelled out—they are somewhat blurred.

But case-by-case incidents are making marks, such as the former U.S. sheriff who was given a probationary sentence because he installed one of these apps on his wife’s work computer to spy on her.

Protection from Spyware

Apps such as described above can be installed remotely, not just directly. You can protect your device as follows:

  • Androids have many more options for spyware whereas iPhones, unless jailbroken do not.
  • It’s crucial for your device to have some kind of spyware protection. Most antivirus programs will recognize spyware.
  • Never click on a link in an e-mail or text, as it can direct you to a malicious download.
  • Never separate from your device when you’re in public; never let anyone use it. If they claim they need to make a call due to an emergency, you can make the call.
  • Your mobile should require a password for access. A password-protected phone makes spyware installation difficult.
  • If your phone has seemingly developed a mind of its own, or it’s “behaving” oddly lately, this probably means it’s been possessed by spyware. If you believe your phone’s been bugged with spyware, then reinstall its operating system. Simply confer with the device’s user manual. Or, call the carrier’s customer service for instructions.
  • If you are considering installing spyware on someone’s device, consider the legality of your actions first, determine if the installation is one that involves an open and honest conversation or will be done covertly and then consider this: just because you can, doesn’t mean you should. Think about what you are doing and the repercussions it may have.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Hacking Voicemail is Scary Easy

Imagine someone jeopardizing your home security system by hacking your phone’s voicemail. There’s been a widely reported story of a British tabloid newspaper accused of accessing voicemail  messages of murder victims, government officials, celebrities and possibly victims of the 9/11 terrorist attack.

The story broke in response to the tabloids manipulating voicemail of a 13 year old girl who was a murder victim and soldiers who fought in Iraq and died. The FBI is apparently investigating.

It seems there is a flaw in many telecom systems that allow the snooper to check a targets voicemail as long as the voicemail believes the call is coming from that persons caller ID.

Snoopers can access readymade hacking scripts online to perform these tasks or simply enlist one of many “caller ID spoofing” services. These services allow for anyone to make a call to any number and trick the voicemail into believing it’s coming from the voicemails intended account holder.

Once the voicemail is accessed the caller may not need a PIN or access may be granted via default passwords like 1111 or 0000. When the voicemail receives a call they think is coming from the correct phone number spoofed by caller ID it automatically trusts it.

The quickest fix to protect voicemail is to make sure your voicemail requires a PIN especially when you call it from your phone. And make sure that PIN isn’t a default PIN or one that is easily guessed.

Robert Siciliano personal and home security specialist to Home Security Source discussing mobile phone spyware on Good Morning America. Disclosures.

Mobile Payment Set to Dramatically Increase

Mobile payments generally involve three participants: the mobile device, the merchant, and a financial service provider or trusted third party.

That trusted third party, or TTP, is an established, reputable fiduciary entity accepted by all parties to an agreement, deal, or transaction. A TTP authenticates and authorizes users in order to secure a payment transaction, and acts as an impartial intermediary for the settlement of payments and any problems that arise after the transaction has occurred.

There are various mobile payment delivery options. Near Field Communications is a contactless delivery system, involving a chip that is either built into the phone itself, into a card within the phone, or a sticker attached to the phone. There are also new applications that facilitate mobile payments, most of which involve a barcode that the user scans at the register.

The statistics for mobile payment are impressive. The U.S. mobile payment industry encompasses a number of categories, including mobile bill payment, mobile point of sale, m-commerce, and mobile contactless. Mobile bill payment, in which consumers pay bills via mobile phone, currently makes up the bulk of the U.S.’s mobile payment industry. Mobile point of sale, in which a consumer’s phone is used as a point of sale device, accounts for just over 5%, but is expected to grow by 127% in the next five years, to $54 billion in transactions. Mobile contactless is expected to grow 1,077% by 2015. The gross dollar volume of mobile payments overall is expected to grow 68% by 2015.

This is all very exciting, but the Payment Card Industry Standards Council is not yet granting approval to any mobile payment applications. With the explosive growth of the mobile payment industry, they are holding off and waiting to see which technologies rise to the top. This shouldn’t be a concern for mobile phone users, though, since the merchant, rather than the customer, undertakes the bulk of the risk.

Meanwhile, as you increasingly use your phone for mobile payments, be aware that the phone correspondingly increases in value to thieves and hackers. So keep track of your cell phone. You wouldn’t leave your wallet on a bar and walk away, and you shouldn’t do that with your phone, either. And be cautious when visiting websites on your phone’s browser, clicking on links, or responding to text messages.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses mobile phone spyware on Good Morning America. (Disclosures)

mCrime Takes A Leap Into Profitability For Criminals

Cellular phones are becoming a bigger target for crime. As smartphones continue replacing landlines and billions of new applications are downloaded, mobile crime, or mCrime, will inevitably increase.

McAfee’s threat report for the fourth quarter of 2010 reveals steady growth of threats to mobile platforms. New mobile malware increased by 46% in 2010. 20 million new threats were discovered last year, or 55,000 per day. McAfee Labs has identified a total of nearly 55 million pieces of malware. 36% of that malware was created in 2010.

Senior VP of McAfee Labs Vincent Weafer says, “Our Q4 Threats Report shows that cybercriminals are keeping tabs on what’s popular, and what will have the biggest impact from the smallest effort… In the past few quarters, malware trends have been very similar in different geographies, but in the last quarter we’ve seen a significant shift in various regions, showing that cybercriminals are tapped in to trends worldwide. McAfee Labs also sees the direct correlation between device popularity and cybercriminal activity, a trend we expect to surge in 2011.”

Protect yourself from malware and other threats. Spyware can be remotely or directly installed on your cell phone. Never click on links in texts or emails, since links may point toward malicious downloads. Keep your phone with you. Don’t let it out of your sight and don’t share it. Make sure your phone requires a password, as this makes it more difficult to install spyware.

If your phone is behaving oddly or you have some other reason to suspect that it contains spyware, reinstall the operating system. Consult your user manual or call your carrier’s customer service for step-by-step help with this process.

Invest in a service that can locate, lock, or wipe your phone, and even restore your data when you trade it in for a new one. If necessary, you’ll be able to lock down your service remotely or wipe out important stored data to protect your privacy. You can back up your data directly or use the web to so remotely. You can access your data online from anywhere, or locate your missing phone and plot the location on a map. If it’s lost or stolen, SIM cards and phone calls can help get it back for you.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses mobile phone spyware on Good Morning America. Disclosures