The Cabir virus, the first to propagate from phone to phone using Bluetooth short-range wireless technology, attacks phones running the Symbian operating system used by Nokia and other manufacturers.
Although the virus has not been released on the internet, it demonstrates that businesses are likely to face new security risks when the next generation of mobile phones and PDAs is released.
Sal Viveros, virus expert at Network Associates, advised firms to press phone companies to put security measures in place to protect mobile devices.
"At this point, end-users need to make sure that whatever devices operators are working on, they will be secure. Unless users start asking for security, it is not going to be at the top of suppliers' lists. They should at least make sure that networks are protected from viruses and malicious hackers," he said.
Ernst & Young advised businesses to include mobile phones and PDA devices in their corporate anti-virus policies to ensure they are protected.
"Many customers are using their mobile/PDAs to access sensitive e-mail and store security credentials for access to other personal or corporate computer systems. These could soon be the subject of specific attacks," said John Butters, partner at Ernst & Young.
The widespread use of mobile phones will increasingly make them a target for virus writers and hackers, said Network Associates.