The ubiquity of mobile phones has created a unique opportunity for cybercriminals. They now have a way of accessing both our money and personal information without us realizing it by distributing risky apps that we often willingly download.
Many of the most dangerous apps target Android devices, and there are a few good reasons why. Let’s look at why Android malware is so prevalent, and what you can do to keep your device and information safe.
One reason why Android devices are a goldmine for cybercrooks is that they offer hundreds of millions of potential targets. Android is the most popular mobile operating system in the world, accounting for more than 80% of new smartphones sold in the last quarter of 2016.
That’s why just a handful of malicious apps can do serious damage. Take the “ExpensiveWall” malware attack earlier this year, which spread to as many as 21 million victims. By sneaking malicious apps into the Google Play store, cybercriminals were able to charge users serious money for phony services and premium text messages they didn’t agree to receive.
The users thought they were downloading harmless apps offering wallpaper options and camera tools, not realizing that they were designed to rack up charges in the background. And since the apps were distributed through Google’s official app store, users presumably thought they were safe.
That leads us to another reason why Android malware is so popular with the bad guys. It is easier to get an app into the Google Play store, after a short manual review, compared to Apple’s vetting process.
For approval of an iOS app, or even an app update, developers have to submit to a rigorous review that can take as long as 10 days before the app is made available to the public. What’s more, iOS apps are only distributed through Apple’s official App Store, unlike Android apps, which are available through a number of channels.
This wide distribution is great for Android users who want a large number of app choices that they can run on different devices without restrictions, but not so great when it comes to making sure that each app is above board and secure.
So, if you are an Android user it’s worth your while to take a few key steps to avoid malware attacks aimed at accessing your device, money, and information.
Here are 5 tips to stay safe:
1) Do your own safety checks—Before installing a new app, read other users’ reviews to see if the app is safe and does what it claims to do. Be extra wary of “free apps” distributed through little known sites, or via links sent by email or text message.
2) Read the permissions first—We know—wading through all the legalese that comes with app permissions can be tiresome, but it is well worth your while. Make sure that the app won’t invade your privacy by accessing information it doesn’t need, like your contacts, camera, or keystrokes. Pay special attention to any mention of paid services, like premium text messages, so you know what you are agreeing to.
3) Limit your install options—Stick to using the official Google Play store or a reputable store like the Amazon App Store. (Although using the Play or Amazon stores is no guarantee that all the apps there are safe, they tend to have more users and more reviews to base your decisions on.)
One quick and easy way to avoid unsafe apps is to make sure that the “install from unknown sources” setting remains in the off position. This prevents you from installing applications from anywhere other than the Play store.
4) Limit your app use—Only install apps you need and use regularly. If you no longer use an app, uninstall it to keep it from accessing your information unnecessarily. This will help you save memory, and reduce your exposure to potential risks. For apps that you do use, limit their access to personal information so that they only access what they need to function properly. For example, a weather app doesn’t need access to your photos.
5) Use mobile security—Comprehensive protection, like McAfee Mobile Security, can help guard against viruses, malware, device theft and other threats. It can also help you understand how your apps are using your personal information.
"author": "Gary Davis",
"category": "Consumer Threat Notices",
"authordetail": "Gary Davis is Chief Consumer Security Evangelist. Through a consumer lens, he partners with internal teams to drive strategic alignment of products with the needs of the security space. Gary also provides security education to businesses and consumers by distilling complex security topics into actionable advice. Follow Gary Davis on Twitter at @garyjdavis",
"pubDate": "Thursday, 12 Oct 2017 12:35:48 +0000"