• Abuse your service – Most PDA or cell phone plans limit the number of text messages you can send and receive. If an attacker spams you with text messages, you may be charged additional fees. An attacker may also be able to infect your PDA or cell phone with malicious code that will allow them to use your service. Considering the service contracts are in your name, you will be responsible for the charges. 
  
  
• Luring you to malicious web sites - While PDAs and cell phones that give you access to e-mail are targets to standard phishing attacks, attackers are now sending text messages to cell phones. These messages, supposedly from a legitimate company, may try to convince you to visit a malicious site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you maybe be lured into providing personal/financial information or downloading a malicious file. 
  
  
• Using your portable device in attack – Attacker who obtains control of your service may use your PDA or cell phone to attack others. This type of attack would hide the identity of the attacker and increase the number of targets.
  
  
• Gain access to your account information – Some PDA & cell phones are capable of performing certain transaction (from paying for groceries, parking, to conducting financial transactions). An attacker who can gain access to a phone that is used for these types of transactions may be able to discovery your account information and use or sell it.

(Source: US-Cert - Cyber Security Tip ST06-007)

• Password-protect your portable devices - Verify that you have setup to enter a password onto your laptop, PDA, or cell phone. (For information on how to select a good password, see Password Guidelines).
  
  
• Keep software up to date – If the vendor releases patches for the software operating your device, install them as soon as possible. These patches may be called firmware updates. Installing them will prevent attackers from being able to take advantage of known problems or vulnerabilities.
  
  
• Install and maintain anti-virus software – Protect your portable devices from virsus the same way you protect your desktop computer. Make sure to keep your virus information up to date. (See Understanding Anti-Virus Software for more information).
  
  
• Store important data separately – Considering, there are many forms of storage media, such as, CDs, DVDs, zip disks, and removable flash drives (also known as USB drives or thumb drives). By saving your data on a removable media and keep it in a different location (ex., in your home instead of your laptop bag), you can protect your data even if your PDA, laptop, or cell phone is stolen. You should make sure to secure the location where you keep your data to prevent easy access.
  
  
• Do not follow links sent in e-mail or text messages – Be suspicious of URLs sent in unsolicited e-mail or text messages. While the links that may appear to be legitimate, they may actually direct you to a malicious web site
  
  
• Be careful when posting your e-mail address and cell phone number – Attackers often use software that browses web sites for e-mail addresses.  These addresses then become targets for attacks and spam. Cell phone numbers can be collected automatically, too. By limiting the number of people who have access to your information, you limit your risk of becoming a victim.
  
  
• Disable remote connectivity – Most laptops, PDAs, and cell phones are equipped with wireless technologies such as Bluetooth that can be used to connect to other devices or computers. User should disable theses features when they are not in use
  
  
• Encrypt files – By encrypting files, you ensure that unauthorized people can’t view data even if they can physically access it. Not all portable devices comes with encryption software, you may want to verify that your device comes with that option or obtain it through a download. You may also want to consider options of full disk encryption, which prevents a thief from even starting the portable device without a passphrase. It is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data
  
  
• Back up your files – Make sure to back up any data you have on your portable devices onto a CD, flash drive, DVDs, or network. Not only will this ensure that you will still have access to the information if your device is stolen, but it could help you identify exactly which information a thief may be able to access. You may be able to take measures to reduce the amount of damage that exposure could cause.

(Source: US-Cert - Cyber Security Tip ST04-0210)

• Password-protect your portable devices – Make sure that you have to enter a password to log in to your portable devices. (For information on how to select a good password, see Password Guidelines.
  
  
• Downplay your portable devices – There is no need to advertise to thieves that you have a PDA or laptop. Avoid using your portable device in public areas, and consider non-traditional bags for carrying your PDA, cell phones, or laptops.
  
  
• Keep your portable devices with you at all times - When traveling, keep your laptop with you. Meal times are optimum times for thieves to check hotel rooms for unattended portable devices. If you are attending a conference or trade show, be aware – these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.
  
  
• Consider an alarm or lock – Many companies sell alarms or locks that you can use to protect or secure your laptop. If you travel often or will be in a heavy populated area, you may want to consider investing in alarm for your laptop bag or a lock to secure your laptop to a piece of furniture.
  
  
• Back up your files – if your portable device is stolen, it’s bad enough that someone else may be able to access your information. To avoid losing all of the information, make backups of important information and store the backups in a separate location (see Good Security Habits for more information). Not only will you still be able to access the information, but you’ll be able to identify and report exactly what information is at risk.

(Source: US-Cert - Cyber Security Tip ST04-017)