Smishing
Latest
Android 'smishing' vulnerability discovered by NCSU researchers; Google has a fix incoming
The art of smishing (SMS-Phishing) has been practiced for some time, but a discovery by the wizards at NC State University has uncovered a new vulnerability that could bring the aforesaid act back into the spotlight. Xuxian Jiang's research team recently identified the hole and confirmed that it impacts Gingerbread, Ice Cream Sandwich and Jelly Bean. Put simply, if an Android user downloads an infected app, the attacking program can "make it appear that the user has received an SMS, or text, message from someone on the phone's contact list or from trusted banks." This fake message can solicit personal information, such as passwords for user accounts. The team isn't going to disclose proof until Google patches it up, but the school has said that Google will be addressing it "in a future Android release." For now, however, Jiang recommends additional caution when downloading and installing apps from unknown sources, while also suggesting that folks pay close attention to received SMS text messages.
McAfee Virus Scan hits Windows Mobile 5.0
Windows Mobile users worried about viruses and other nastiness invading their precious little devices now have another weapon in their arsenal, with McAfee releasing it's VirusScan Mobile software for Windows Mobile 5.0. Available in both standard and Enterprise editions, it'll ward off viruses, worms, trojans, and other attacks, including what some (but not many) refer to as "SMiShing", or phishing scams attempted via SMS, and it'll stop 'em at all corners, including WiFi and Bluetooth. A free 30-day trial's available now for direct download to your device from McAfee's mobile website, with the standard version running you $29.99 for a one-year subscription.[Via Geekzone]
