Mobile Malware and Crowdsourcing

In a recent post at Connected Planet, Alex Leslie points out how smartphone owners are at risk from a variant of the classic PC ‘rogue dialer’ fraud; see here. Put simply, users download an app which then unexpectedly sends a lot of texts to a PRS number. Meanwhile regulators are becoming aware of the need to close the loopholes. For example, the UK PRS regulator, PhonepayPlus, has instigated a public consultation on how users should be informed about app-based mobile payments; you can find the consultation here. As Alex points out, part of the solution may depend on the users themselves, by ensuring their intelligence about new exploits is recycled into a rapid response that deals with the criminals. Crowdsourcing knowledge about mobile malware could follow a similar template to how Facebook pays bug bounties. However, in the case of mobile malware, there will also be value in operators sharing information in order to limit the damage done by the PRS crooks. It is better for the operators to attack the source of the problem – the criminals – than let customers rack up huge bills and then try to deal with their complaints.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.