Q

Mobile device protection: How to thwart SMS Trojans

Expert Nick Lewis explains how to properly secure a smartphone in order to thwart Trojans that steal SMS messages.

What's the best way to protect against Trojans on mobile phones, particularly SMS Trojans that try to steal SMS

messages? Is there a way to encrypt SMS messages between mobile phones in the enterprise?

Ask the expert!

Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)

How to secure a smartphone in the enterprise has been covered in a previous Ask the Expert question, and he same security steps will likewise protect smartphones from Trojans that steal SMS messages.

Many applications, especially those installed on Android-powered smartphones, will request more permission than necessary and may even request access to SMS messages when not needed. Users may not carefully review the access they are granting to an application when it is installed, and may allow an application access to SMS messages when not necessary. This user behavior is exactly what attackers try to exploit. Instruct users to carefully review if an application needs access to SMS messages before granting it permissions and/or installing the application.

To further protect against rogue or Trojan applications that could gain access to SMS messages, users can encrypt the messages. There are ways to encrypt SMS messages sent between mobile phones using available applications. TextSecure is one product that allows users to send and receive encrypted text messages in transport and store them on the smartphone. Both the sender and the receiver need to have TextSecure installed, but this process requires no other configuration besides a password. Using this application could enable the secure usage of SMS messaging. There are also commercial applications like Protected SMS that can be used in the corporate environment.

This was first published in April 2012

Dig deeper on Smartphone and PDA Viruses and Threats-Setup and Tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close