1. News
  2. Identity theft

"Smishing" Emerging As New Threat To Cell Phone Users

You don't have to use a computer to be vulnerable to online scammers. Increasingly, cell phone and other mobile device users are being targeted with mobile spam that attempts to trick them into revealing personal information.

Known as "smishing," these text messages might ask a recipient to register for an online dating service -- then try to sneak a virus onto the users' device. In addition to virus-like "worms," which can spread through and disrupt a network, other scams are surfacing.

Some messages warn that the consumer will be charged unless he cancels his supposed order by going to a Web site that then extracts such credit card numbers and other private data.

"Smishing" is derived from the familiar "phishing." The "sm" comes from SMS, the protocol used to transmit text messages via cellular devices.

Some of the new smishing techniques are downright insidious, including mobile spyware that once downloaded to a phone can eavesdrop on conversations.

For now, these more extreme threats are rare, but with most mobile phone users blithely unaware of the danger, security experts expect hackers and other criminals to increasingly exploit the available technology.

It's a growing concern for managers of large business networks, who are only now beginning to imagine the threat to enterprise networks once hackers learn how to fully exploit smishing techniques. Most large enterprises have thousands of employees, using a variety of devices to access their networks.

"Despite their best efforts to issue safety guidelines, IT security staff cannot control human behavior -- especially in light of the fact that mobile users have not yet learned to treat their phones with the same level of concern that they apply to their laptops," security experts at McAfee warned on their Web site.

"Mobile devices present a serious challenge to data security, with the potential to infect both carrier and enterprise networks."