The Samsung Galaxy S4 might come with a large number of new features, but it seems that one of the new features contains a serious smishing (SMS phishing) flaw. Samsung's "cloud backup" feature was found to be improperly secured, and can exploited by malicious software to send fraudulent or fake SMS messages while pretending to be the identify of any contact or organization, without the owner of the phone realizing.
This exploit was discovered by Chinese Internet security firm Qihoo. According to Qihoo, Samsung has already been notified of this issue, and is already in the process of fixing the issue. Qihoo also added that users can avoid being exploited by this vulnerability by turning off the "cloud backup" feature when it's not being used. A temporary fix has also been made by Qihoo 360, and can be deactivated once the security flaw has been patched. Current Samsung Galaxy S4 users of Qihoo's latest Android app are protected against this exploit.