As more people switch from traditional cellphones to smartphones, worries have increased that users will fall prey to the same virus and malware problems that can plague personal computers.

Share story

As more people switch from traditional cellphones to smartphones, worries have increased that users will fall prey to the same virus and malware problems that can plague personal computers.

Industry experts say they’re managing to keep ahead of that threat.

What they are more worried about is a simpler issue: identity theft when a phone is lost or stolen.

With the iPhone and other smartphones, a few taps or clicks can access e-mail accounts, check bank balances, update a Facebook profile and call up calendars and photos.

“What’s really going on today is fraudsters and cybercriminals are looking to steal data,” said Peter Beardmore, director of product marketing at security company Kaspersky Lab.

“A mobile phone is not a good candidate for a botnet like you have in the PC world, where it can enslave your computer and let it do work to send spam or whatever,” he said. “But (a mobile phone) is a great candidate to steal user data from.”

Although concerns about mobile malware and viruses have circulated in industry circles for years, there have been few reports of real threats to consumers.

That’s in part because infection is a numbers game, meaning perpetrators go after devices in mass quantities, and there are far more PCs in circulation than smartphones.

Wireless carriers in the U.S. also catch some threats, such as spam text messages, before they reach consumers.

“What we’ve been able to do is learn a lot from the PC experience, and we have put some different technical programs into place that have done a very good job of blocking viruses and spam messages,” said John Walls, vice president of public affairs at industry group CTIA — The Wireless Association.

Because viruses and malware remain a distant threat to mobile phones, security companies are concentrating their efforts on preventing old-fashioned loss and theft.

“Your average consumer’s main concern about their mobile phone is about losing it or having it stolen,” said Dave Cole, senior director of product management at Symantec.

This month, as part of an effort to broaden its Norton line beyond PC security, Symantec is launching an application for Google’s Android operating system that allows users to remotely lock down or wipe their phone by texting a code to the device.

Symantec’s product is not the first of its kind to hit the market. But consumer awareness of mobile-security issues is still relatively low, given that threats have been rare and smartphones are just beginning to take off outside of the BlackBerry-toting business world.

According to research firm Gartner, worldwide smartphone sales hit 54.3 million in the first quarter, up 48.7 percent from the same period in 2009. These devices represented 17.3 percent of mobile-handset sales in the first quarter, compared with 13.6 percent in the year-earlier period.

More users could protect themselves by setting a PIN for their device, a simple safeguard that many people neglect, said Randy Gross, chief information officer at the Computing Technology Industry Association. He also advises backing up a phone’s data.

The popularity of third-party applications, such as those available for the iPhone or Android devices, provides another potential avenue for cybercriminals to attack smartphones.

So far, carriers, device manufacturers and other industry players have done an effective job of vetting applications from outside developers, Beardmore said. But he and other security experts advise that consumers stick with programs from trusted publishers.

One of the biggest challenges for the wireless industry is consumer education about the phones.

“This thing is living and breathing and working all the time,” Walls said. “If a carrier is telling you that there’s a certain update or upgrade you can easily access to make yourself a little bit safer, take advantage of that.”