We've all been deluged by annoying, unsolicited e-mails: an offer for free Viagra or a job that "guarantees" a $1 million paycheck. Deleting spam from the office PC is a morning ritual that ranks right up there with standing in a long line at the coffee shop. But it's about to get much worse: Spam is creeping onto an even smaller screen, your cell phone.
Steadily, more text and voice spam are invading handsets. Wireless users in the U.S. will receive about 1.1 million spam text messages this year, up 38% from 2006, estimates messaging specialist Ferris Research. By next year, mobile spam messages are expected to hit 1.5 million. That's far from an epidemic--it pales next to the 250 million Americans who use wireless services--but security experts and wireless consultants warn that phone spam will grow in coming years. Viruses and surreptitious code that monitors a phone's use may be next. "Wireless phones are a brand-new attack target for the hackers," says Tom Bowers, senior security evangelist with Kaspersky Lab, a software vendor.
Normal e-mail spam is bothersome. But mobile spam also can be expensive. Consumers, especially in the U.S., are charged for receiving their text messages--sometimes as much as 20 cents per message. Spammers, using automated dialers, can shoot millions of texts to random cell-phone numbers. Phone companies intercept many of them; in May, Verizon Wireless sued telemarketers that it said had "inundated" the company with more than 12 million unsolicited commercial text messages. Verizon said it blocked all but 4,618 from reaching customers, but the torrent still hit them with unwanted charges and clogged networks.
Receiving unwanted text messages isn't the only problem phone users face. Illegal operators, often working overseas where call centers are cheaper to run, use automatic dialers to send voice spam or "SPIT" (spam over Internet telephony) to cell phones. Even if the calls go unanswered, they cause cell phones to ring. "The more provocative problem with mobile phones is the stuff beyond text messages and e-mail," says Paul Catalano, a partner at tech consultancy RelevantC Business Group.
Phones, after all, are morphing into handheld computers. We receive e-mail on them, keep our calendars and contact lists on them, browse the Internet, even edit files. Worldwide annual sales of smartphones with PC-like operating systems will grow by 150% over the next four years, to 294 million in 2011, says researcher In-Stat.
Google's (GOOG) plan to offer Android, an "open" phone operating system akin to the Linux PC operating system, raises additional questions. When it arrives next year, Android will be open to both well-meaning developers and, conceivably, spam propagators to tinker with before it winds up in phones. Until now, carriers have kept their systems closed to outside developers and to consumers wanting to customize. Whatever that might have cost in thwarted innovation, it kept spam and viruses somewhat in check. Carriers planning to offer Android phones say they will screen developers. T-Mobile USA spokesman Peter Dobrow says in an e-mail: "It's important to safeguard the privacy and security of our customers, as well as protect the integrity of our network."
Still, it seems inevitable that as more hands are able to edit and use phone software, incursions will rise. Says Ken Silva, chief security officer for security software maker VeriSign (VRSN): "Unfortunately, that which makes our life more convenient usually makes it less secure."
Join a debate about spam and e-mail
By Roger O. Crockett