eCrime follows the user, over the decades victimizing people and enterprises through telegraph, telephony and Internet technologies. The next frontier, one already well broached by criminal syndicates, is the wireless internetworked handheld device and its supporting infrastructure. Owners of the newest generation of smartphones attached to GSM IP ranges or auto-connected to local WiFi networks should understand that the convenience of their Internet-tethered web, media, and email services, comes with a (potentially) steep price. Internet-tethering phones that support complex applications and network services is a complete game changer.

Unlike the previous generation of cell phones that were, at their worst, susceptible to local Bluetooth hijacking, modern Internet-tethered cellphones are today susceptible to being probed, fingerprinted, and surreptitiously exploited by hackers from anywhere on the Internet. It is an interesting proof of concept that much of the functionality we have grown to expect from PC-based botnets can be easily migrated to light-weight smartphone application.

Predictably, phishing attacks and scams have been intermediated by handheld wireless devices and this trend shows no signs of abating. National and rural cooperative banks alike are being attacked through SMS messaging. Syndicates are even attacking 3G infrastructure to defraud billing systems. Every day, new exploitable security exposures are documented on cell phones and handheld wireless consumer computing and communications devices. Given this shift in the frontier of eCrime and the need for organizing insights into the criminogenic aspects of wireless devices, the APWG has organized a new working group upon the recommendation and interests of its members and research fellows.

Mission Statement: The APWG Wireless Device Fraud Working Group will investigate the expansion of eCrime on the wireless frontier, including the latest criminal advances in wireless-device specific crimeware; criminal exploitation of wireless network infrastructure; cell-phone mediated social-engineering style eCrime; and wireless device and wireless network forensic techniques and technologies. The working group will provide a resource for information and solutions for eliminating fraud and electronic crime that target, exploit, and abuse mobile platforms.

The working group's principal foci are:

Public Education: Educate users and consumers by providing information about threats and raise ecrime awareness

Policy: Provide information to legislators/policy makers/law enforcement/deciders

Research: Organize, promote, present and distribute research related to mobile and wireless eCrime
Information sharing/discussion that brings together: hardware and software and service providers and provide a forum where all three sectors can share information and organize the global response to wireless and mobile device eCrime.

First Year Agenda:

Survey the field
Participant outreach
Focus research output
Publish reports and educational material
Organize a kick-off meeting + at least 1 dedicated meeting
Develop an online presence at APWG public website:

Schedule (Subject to change)

First version of announcement: 2nd week of July
First conference call: end July
Mobilization and Outreach: August
First face to face meeting: October (Dallas)
Second meeting: APWG meeting (tentative. Possible before that depending on the result of mobilization and outreach)

The three co-chairs of the APWG Wireless Device Fraud Working Group are:

Leonardo AmorVicente, APWG Research Fellow, Telefonica

Dr. Hassen Saidi, APWG Research Fellow, SRI

David Barroso, APWG Research Fellow. S21Sec

Dr. Markus Jakobsson, APWG Research Fellow, FatSkunk

Connect with the Wireless Device Fraud Working Group

Interested parties can reach them at the co-chairs through this email forward: wireless_fraud_info@members.apwg.org