Knock-off mobile devices are fertile ground for the cyber-criminal

knock-off-phone

I read an article in the Los Angeles Times recently that opened my eyes as to how vulnerable we are when it comes to consumer technology. The article, “Fake iPods and iPhones are seized from downtown warehouses,” tells me that we now have to worry about knock-off consumer technology just as we worry about knock-off designer clothes.

The title of the article pretty much says it all. The L.A. Port Police seized more than $10 million in counterfeit iPods, iPhones, and other items from a downtown warehouse. I immediately thought about what fertile ground this is for the cyber-criminal.

What if those fake devices were actually loaded with a feature that allowed the data they hold to be copied to a server where it could be auctioned off to the highest bidder? And what if that data included a record of your online banking transactions complete with your passwords?

This isn’t unfathomable, and counterfeit IT equipment has plagued many organizations for years. Large organizations, companies, and government agencies usually procure goods from trusted suppliers, and there are assurances that come with those transactions.

But the lowly consumer looking to get a good, cheap laptop, tablet PC, or smartphone, might scroll through countless websites to find the best deal. When paying half the price from a no-name outlet, they’re not thinking about who’s fiddled around with the device or loaded key stroke logging software. They’re thinking of the savings.

Two months later, if they become a victim of identity theft and their entire life savings is wiped out, who’s to blame? And what is the risk to the consumer’s employer if he or she uses the device to conduct business? Purchasing devices from a trusted source should be the #1 safeguard for consumers and enterprises.

I’m not implying that you can’t get a good deal buying a used device from a lesser known Web vendor, but you should be aware that it could result in you becoming a victim of cyber-crime.

The Los Angeles Times article went on to say that, along with the confiscated equipment, the authorities found receipts indicating more than $7 million in profits. That’s a lot of devices now in the hands of average consumers, and a lot of potential identities at risk.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Patricia Titus is vice president and global chief information security officer for Unisys. Patricia is responsible for enhancing the existing network security and policies supporting Unisys global employees, while ensuring the continued protection of sensitive corporate and customer data. Prior to joining Unisys, Patricia was the chief information security officer at the Transportation Security Administration within the Department of Homeland Security, where she focused on creating, implementing and maintaining a robust IT security program. Patricia worked overseas in various positions within the U.S. Department of Defense, the U.S. State Department and various private sector firms.