What's the best way to protect against Trojans on mobile phones, particularly those that try to steal SMS messages?
Is there a way to encrypt SMS messages between mobile phones in the enterprise?
Best practices for securing a smartphones have been covered in some of our recent Ask the Expert questions. The same security steps to secure your smartphone will protect it from mobile Trojans that steal SMS messages. Many applications that install on Android-powered smartphones request more permissions than necessary, and may even request permission to SMS messages when not needed. Users may not carefully review the access they grant to an application when it’s installed and may unnecessarily allow an application access to SMS messages. Users should carefully review if an application needs access to SMS messages before granting the access and installing the application.
Encrypting text messages can help protect against rogue or Trojan applications that steal SMS messages. There are ways to encrypt SMS messages between individual mobile phones using freely available applications for Android smartphones. For example, WhisperSystems TextSecure allows you to send and receive encrypted text messages and encrypts the text messages stored on your smartphone. Both the sender and the receiver need to have TextSecure installed, but the software requires no other configuration other than a password. Using this application could enable the secure usage of SMS messaging. Commercial applications like Protected SMS can be used for corporate usage.
Dig deeper on Smartphone and PDA Viruses and Threats-Setup and Tools
Related Q&A from Nick Lewis, Enterprise Threats
Expert Nick Lewis explains how to keep call center employees from getting duped by social engineering scams and pretexting.continue reading
Researchers reportedly succeeded in extracting decryption keys using sound-based attacks. Is this a threat enterprises should worry about?continue reading
The amount of malware using peer-to-peer communications has increased dramatically. Enterprise threats expert Nick Lewis explains how to detect P2P ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.