There’s a new trojan going around for Windows Mobile PocketPC devices. Once installed on a device it sends some details to the person who wrote it, and it leaves a back door to allow the author to install programs on your device without your permission.
It’s being called WinCE/InfoJack by antivirus companies. It gets installed when you download a legitimate program from a “hacked” site. For example, it’s been detected in Google Maps (a hacked version of Google Maps, not the original one).
To safeguard against these type of malware only download applications from the vendor who created it. In the case of Google Maps, you should download it from Google’s own website and not a more generic download site.
You should also invest in antivirus software for these devices.