Smartphone Scam: Fake Angry Birds Result in £50,000 Fine.

The majority of malware attacks on smartphones come in the form of spyware and SMS trojans.  A UK company was fined £50,000 (approximately $78,000) for dabbling in the latter.  One key aspect of smartphone data protection is to download apps from reputable sources only.

Secretly Spoofed Apps Send Premium SMS

According to, a company uploaded trojans into app markets.  These trojans were in the form of popular apps like Angry Birds and Cut the Rope.  Unlike the legitimate apps, once the app was downloaded to a smartphone, it secretly ran code in the background.

Each victim’s phone sent three premium SMS at £5 each (about $7).  1,391 UK citizens were affected (which equals to £27,850, or $43,500), but it is estimated that there were over 14,000 downloads worldwide.

The fraud was put to stop by PhonepayPlus, a UK telephone industry regulator.

SMS Trojan and Spyware Account for Majority of Attacks

According to the Juniper Networks 2011 Mobile Threats Report, the majority of mobile threats come as spyware and SMS trojans.  There are other threats, too, such as fake installers, browser-based threats (such as a drive-by infection, where all a user has to do is visit the site), connectivity hacks, and the traditional data breach source: loss or theft of a mobile device.

But, spyware and trojans occupy half the known attacks, and of the two, SMS Trojans are a sure-fire way of getting paid for one’s illicit activities (spyware would require a second step where a hacker takes the data and tries to monetize it).

How does one protect from such threats?  Seeing how the apps look no different from their legitimate siblings, it’s not easy.  The use of mobile antivirus is one way to protect oneself.  Another is to forego downloading apps from third-party sites.

If the goal is to minimize the risk of a data breach and achieve high levels of data security, though, you also need to pay attention to other threats, including the potential risk of your smartphone (or tablet) being stolen.  Ensure your encryption is activated and that your password is strong.  And don’t leave your smartphone lying unsecure, such as in an unlocked gym locker.

Related Articles and Sites:

Comments (0)

Let us know what you think