PhonepayPlus begins to notice the looming threat posed by PRS SmartPhone apps

[mike99]

PhonepayPlus explains how consumers can take steps to guard themselves against malware (which - since PP+ will, on past form, do bugger all to protect us - will probably be essential if you have a smartphone and don't want the firms which PP+ "regulates" to steal from you).

Regulator joins forces with UK telecoms industry to tackle smartphone malware

19 April 2012

PhonepayPlus, the UK regulator of premium rate telephone services (PRS), today hosted a summit involving the mobile industry, internet security experts, law enforcement bodies and GetSafeOnline to tackle the emerging threat of PRS malware attacks on smartphones. The summit was the first meeting of its kind and agreed to take steps to develop greater intelligence sharing between industry, regulators and law enforcement to help early detection and disruption of mobile malware attacks. The summit also agreed on the importance of ensuring that consumers are properly informed about malware risks and the appropriate steps they can take to help protect themselves.
Malware involves the insertion of malicious coding into computer programmes or applications. This can result in “trojanised” apps that may appear totally normal to consumers, but are, for example, programmed to dial premium rate numbers from the consumer’s handset without their knowledge or consent. Malware has been around in the PC environment for a number of years. PRS malware in the mobile environment is relatively new and is still small in scale compared to malware on PCs. However, the rapid development and penetration of smartphones clearly creates opportunities for malware on mobiles to become more prevalent. The House of Commons Science and Technology Select Committee’s recent report on malware and cybercrime states that while approximately one in three adults use a smartphone, ‘there is a distinct lack of understanding around related security issues’ – and it reported that there was an 85% increase in malware detections on one platform in the first six months of 2011.
Today’s summit and the actions emerging out of it represent a commitment by all the parties involved – regulators, industry, law enforcement and consumer information bodies – to deal proactively with this threat. The objective is to ensure that the UK continues to be a market that is well protected against online criminal fraud, so that consumers can continue to use premium rate and other mobile services with confidence. The general message to consumers is that they should not be unduly alarmed and they should bear in mind that the UK is a well protected jurisdiction. However, they should be aware that malware attacks can happen on their mobile and they should take appropriate security precautions, as they do on their PC.
Simple steps consumers can take now to guard against malware are:
Treat smart mobile devices in the same manner as desktop computers
Stick to reputable app stores
Be aware of clicking on in-app ads and notification messages
Trust your instincts – if the app or offer seems too good to be true, it probably is
If you think you may have been charged without consent or you may have downloaded smartphone malware that abuses premium rate services, contact PhonepayPlus on 0800 500 212

Speaking directly after the summit, PhonepayPlus’ Chief Executive, Paul Whiteing, said:
“We are delighted with today’s outcome and agreement. Together we are determined to ensure ensuring that the UK remains a world-leader in digital and m-commerce, ensuring consumers get the best digital deal and that UK business can build a sustained and satisfied consumer base. We know regulation works and that major malware attacks involving premium rate have so far happened in regions with less-rigorous regulation. However our best defence against mobile malware is working together with industry, security experts, the police, consumer groups and government to protect consumers.”

Hamish MacLeod, chair of the Mobile Broadband Group, also commented:
“This is an initiative that works for both consumers and the telecoms industry in the UK. We know our customers enjoy the many innovative services and products that smartphones open the door to. What we have agreed today will help us to protect our customers and ensure that malware merchants do not get a foothold in the UK market.”

Tony Neate, Chief Executive of Get Safe Online, added:
“In the last couple of years, fraudsters have intensified their efforts to target web users via the mobile phones. It’s no longer a ‘new trend’, but a very real threat, hence it’s been a key focus of our consumer education campaign. We are pleased to be working with PhonepayPlus, wider industry, law enforcement and others to ensure that consumers get the information they need to use the mobile internet confidently and securely.”

Of course what PhonepayPlus, the mobile industry, and law enforcement bodies will never ever do is allow phone users to simply opt out of ALL PRS so that we can never be billed for phoning a PRS number - no matter what wheezes this industry comes up with for channeling money through legitimate network providers into the pockets of organized criminals.