Cell phone spoofing isn't a new problem. It's where someone sends a text message from one phone and makes it look like it is from a phone you know -- phishing through SMS, if you will. It also can be used in voice messages and fake phone calls. Search around the Web for information on spoofing, and you'll find sites that tell you that spoofing is for "playing tricks" or "joking," but also for sending viruses and worms or scams.
As more of us use smartphones as a primary data communication tool, spoofing is likely to increase and become more dangerous. At least that's the thought of MacDonnell Ulsch, CEO and chief risk analyst at ZeroPoint Risk Research, who spoke to the topic at Cellcrypt's conference on "How Vulnerable Are Your Cell Phones?" (Registration required.) He said:
I don't know how widespread it is, but I can tell you when it comes to the theft of intellectual property and trade secrets, spoofing is one of the tools that is used to try and get other people to send documentation to you.
Ulsch added that he believes spoofing is involved with a very organized effort, used by foreign governments trying to acquire key technologies and organized crime organizations that use it for money laundering. It's important for companies to include spoofing into their security plans and in security-awareness planning, he said.
In a report posted on the WISTV Web site:
Spoofing can be dangerous because it can be used for such nefarious purposes as checking someone's unprotected voicemail and calling from a local bank asking for sensitive information.
Or it can be used to appear that it is a request coming from a business colleague asking for work-related data.