Smartphone virus hype dismissed

A mobile phone support company has hit back at research into the public's growing awareness of mobile malware, saying that the latest figures reveal a gulf between "perception and reality"

A company which handles support for major mobile operators has hit back at research published at the end of April by antivirus giant Symantec that suggested users are wising up to a growing threat of mobile phone viruses.

WDSGlobal claims the threat is being blown well out of proportion and the latest figures reveal a gulf between "perception and reality".

Symantec claimed 73 percent of smartphone users are aware of viruses and attacks aimed at their handsets and while that may be encouraging in a 'better safe than sorry' way, Doug Overton, head of communications for WDSGlobal, believes we shouldn't lose sight of the fact such problems are very few and far between.

WDSGlobal handles data support calls for HP, Nokia, Orange, Sony-Ericsson and T-Mobile, and Overton said in the last quarter it received just 10 end user enquiries about smartphone viruses, out of the 275,000 calls it fielded — that equates to 0.0036 percent of all calls.

Overton believes awareness of potential future threats is no bad thing, given how far end users tend to lag behind threats when they do emerge "but what isn't acceptable is scaremongering and hype".

"If you look at the viruses out there currently there are about 14 core viruses, the majority of which are fairly benign. They are mostly developed as proof of concept to warn manufacturers of handsets and operating systems or the antivirus industry about potential vulnerabilities," said Overton.

In fact, mobile phone viruses are so few and far between that when the BBC wanted to film one executing it took Overton and his colleagues three days searching the Internet just to find the code for one such virus.

"There are a few nasties out there which will do some damage, such as Skulls which will destroy your phone," said Overton but he added any real instances of infection are almost, if not entirely, non-existent.

"These things will only infect complex operating systems, so already we're talking about only four percent of handsets," said Overton. "And unlike PC viruses there is no backdoor. If a virus tries to launch on somebody's phone they are going to get a warning that something is trying to do something to their handset."

Overton added that the requirement of many concept viruses to spread via Bluetooth means their propagation is also severely restricted.

However, as with PC viruses, Overton said mobile phone viruses may well evolve and one day become an issue for more serious concern.

Renowned security expert Bruce Schneier, CTO at Counterpane, believes mobile viruses and attacks shouldn't be discounted altogether, though he believes they aren't registering on any significant scale currently.

"We'll probably see more when mobiles are being used for finances," he said, suggesting attacks targeting micro-payments could be a popular goal for virus writers — though probably still some way off. This echoed a comment by Ekram in Symantec's report, who said: "We were surprised by the sheer number of people already doing transactions, disclosing confidential information or using online banking, and you can guess that is where the future attacks will be aimed."

Overton doesn't believe security fears will hamper the sales of smartphones.

"I'd be very surprised if somebody downgraded their choice of phone based on virus and security fears."