Click to View

McAfee has update the standard and enterprise editions of its VirusScan Mobile anti-virus product to support Windows Mobile 5.0 Pocket PCs and Smartphones. The software aims to protect users from all types of mobile malware, including viruses, Trojans, worms and what the company is calling 'SMiShing' - phishing scams perpetrated via SMS (more on this below).

VirusScan attempts to block the bad stuff from coming in through SMS, MMS, Bluetooth, Wi-Fi, e-mail, IM, Internet downloads, and other entry points by scanning all messages and attachments, for example, as they are received.

Infected files are automatically detecting and cleansed, McAfee says. It updates silently in the background without intervention on the part of the user.

McAfee says another intention of the application is to prevent users from unintentionally spreading malware to others, which for enterprises can pose a serious threat to the network.

A fee 30-day trial of the standard edition is available, after which it goes for $29.99 for a one-year subscription. VirusScan mobile as a direct download to Windows Mobile 5.0 devices here.

"The need for mobile virus protection has never been greater," said Victor Kouznetsov, senior vice president of mobile technology at McAfee. "As organizations extend their mobile workforces, the need to protect a broader range of platforms becomes more critical. Now, users of Windows Mobile 5.0 can have the same worry-free experience as other mobile device users."

More on SMiShing
McAfee's Avert Labs claimed to have identiy and name SMiShing back in August. With SMiShing, consumers recieve a text messages attempting to get them to click a URL, which in turn dowloads a Trojan horse that allows hackers to control their handset and use it for malicious activities, such as denial of service attacks, installing keylogging software and stealing personal account information.

To McAfee SMiShing is yet another example of how moble devices are becoming increasingly popular vehicles of mayhem and profit to perpetrators of malware, viruses and scams.

With SMiShing, consumers receive SMS messages along these lines: "We're confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order at our Web site."

While some folks may recognize this as a scam right away, others might not. The unaware, fearful of incurring premium charges on their bill, click on the link and are prompted to download a program that turns out to be a Trojan.

McAfee warned at the time that although this scamming method may soon become a real annoyance to end-users, it could prove a serious security threat to enterprisess "once hackers learn how to fully exploit SMiShing techniques," according to McAfee mobile threat researcher David Rayhawk.

Rayhawk pointed out, as many have done before, that IT cannot control human behavior, which would be the first line of defense against SMiShing. If an employee avoids clicking on a SMS message URL, then you won't have any SMiShing problems.

He said enterprises have yet to learn to treat their mobile devices like laptops. That is, Rayhawk explained to PDAStreet, "The number one issue with smishing attacks - like any phishing attack - is to educate users into treating their smartphones with the same (or better) level of caution as they do with their traditional PCs."