BARCELONA: Keeping smartphone users safe from phishing, deepfakes and malicious software is top of mind for many manufacturers and network operators this week at the world's biggest wireless technology conference.

Cybersecurity may not be splashed across the vast screens lining the convention centre's halls alongside omnipresent artificial intelligence features, but it has had top billing in some product announcements at the Mobile World Congress (MWC) in Barcelona.

Chinese smartphone maker Honor showed off a new tool ahead of MWC's opening that it said would allow its smartphones to detect deepfakes – deceptive AI images and video based on the likeness of real people.

Users can request verification of a piece of content with a single click, offering it up for scan by an AI tool that Honor says can detect fakes with 99% accuracy.

The GSMA telecom operators' association, which hosts MWC in Barcelona every year, has developed a tool called "Scam signals".

Built alongside Britain's banking industry group, UK Finance, "Scam signals" is a service that applications can call on to detect signs of phone-based fraud, when scammers call up customers to push them to authorise transactions on their mobile banking apps.

Based on data including the length of a phone call, the system can prompt banks to "stop the transaction in progress, make sure everything is OK, before then making the transfer", said GSMA head of industry security Samantha Kight.

Some UK networks have already adopted the tool.

But fraudsters have a whole spread of methods to attack smartphones, targets of choice for their ubiquity and largely lacking protection.

'Trojan horse' attacks

Online banking fraud grew the fastest of any attack against mobile devices in 2024, according to cybersecurity firm Kaspersky.

In its annual report published to coincide with MWC, it calculated that so-called "Trojan Horse" attacks using malicious software to steal login details for bank apps had tripled year-on-year.

Users remain vulnerable to applications that can conceal harmful functions.

In most cases of banking fraud, "users are installing a malicious app," Kaspersky analyst Marc Rivero told AFP.

"For example, they want to install a game and they find the link on the internet... the app seems to be the official one, but it's a fake app and then malware is installed on the device."

Unnoticed threats

Even official app stores that come pre-installed on smartphones that are supposed to offer only verified software can have weak points.

The level of risk varies depending on the operating system, with the widely used Android remaining more vulnerable than Apple's iOS, according to many experts.

And with many smartphone owners not using dedicated security software, the dangers can remain invisible, said Roxane Suau of cybersecurity firm Pradeo.

On an unprotected phone, "you won't see if someone has clicked a phishing link or downloaded a malicious programme," she said.

"The general public largely hasn't woken up" to the security risks, Suau added.

Users can take some control of their security with straightforward changes to their phones' settings, she said.

These include not leaving Bluetooth activated permanently, not connecting automatically to WiFi networks and promptly installing software updates. – AFP