Finland's Regulator Publishes Mobile Safety Guide
Finland's telecoms regulator, Ficora along with several industry partners has updated its mobile safety guide - last published in 2006. A TNS Gallup was commissioned to carry out an interview study of the most typical information security incidents related to the use of mobile phone. The target group of the survey were 15-79-year-old mobile phone users in Finland. The survey was carried out in May of 2007.
The survey asked whether the mobile phone user had changed his or her default PIN code to a code of their own choice. On the store shelf, the default PIN code of a mobile phone subscription is usually 1234 or 0000.
As many as 35% of the respondents had not touched the factory settings. Those who had changed their PIN codes were most likely found among the young and students: in both groups, 73% had added their own PIN code on the phone.
Calls may be made and messages may be sent to the mobile phone in an effort to commit a fraud against the user. The intention behind a call from an unknown number may, for example, be to lure the mobile phone user into calling back to a toll number.
Forty percent of the respondents replied in the affirmative to the question "Will you call back if you have received a call from an unknown number?". Entrepreneurs would call back with the greatest certainty as 67% of them replied in the affirmative. Among those who most often preferred not to call back were the retired: 65% of them replied "No" to the question.
Mobile phone users do not install unknown programs on their phones. Ninety-six percent of the respondents replied in the negative when they were asked "Will you give a permission to install a program on your phone if the phone so suggests, although you do not remember having ordered it?".
The malicious software may repeatedly ask for a permission to install. That is why the user may push any button, including the Yes button, on his or her mobile phone in order to get rid of the annoying request, and simultaneously installs the malicious software on his or her mobile phone. Malicious software may be provided via an open Bluetooth connection, for example.
While the guide is well meaning, and generally sensible - the idea that the best way to disconnect a Bluetooth connection is to get up and walk away seems a bit odd (if not inconvinient), considering that the user could simply switch it off via the handset menu.
The guide is available on the regulator's website.
Posted to the site on 25th September 2007