Unlike computer spam, SMS spam doesn't contain as many malicious links, however. "With a malicious link in regular email, you can be taken to a site where you can get a drive-by infection," he said. "That doesn't happen as much on a phone.
"There are Trojans on Android phones, but you have to click on a link, download the app and go through the install process to actually activate it," he explained.
Meanwhile, a curious SMS spam campaign was discovered this week by ThreatTrack Security. It masquerades as a message from Google informing its targets that either their Google or Gmail account has been hacked.
"The messages are being sent out to completely random phones," ThreatTrack Senior Threat Researcher Chris Boyd said in an interview. "A lot of people who have received the message have actually said that they don't have any sort of Google account whatsoever."
What's puzzling about the spam is it doesn't seem to have any commercial purpose. People who respond to the message are asked to enter a verification code that was included in the spam, are told that voice mail has been activated and are disconnected.
"The Google account message may be irrelevant," Boyd said. "It may be a hook to verify that you have an active phone number. Once a number is verified, it can be bombarded with spam messages, scam offers and who knows what,."
The problem is that, while the campaign has been going on since March, that kind of activity hasn't occurred yet. "It's quite a mysterious campaign because usually the answer would have appeared by this point," Boyd said.
Sign up for CIO Asia eNewsletters.