Malware is becoming an increasingly difficult issue to tackle for the Android operating system, but there are still ways that Android users can protect themselves. Many of the malware issues that are plaguing Android are fairly easy to detect and avoid, provided that you know what they are looking for.
1. Fake Utilities
There are numerous fake utility applications offered for Android devices that claim to increase the functionality of your device. Many of these utilities say that they will increase the battery power/speed/memory capacity/etc. Be skeptical about these claims that are too good to be true, they often are. Do your own research to determine whether the application is dangerous. Simply being a popular application should not imply that the application is reputable. Studies have found that a good percentage of popular applications still included malware and exploits.
2. Charges to Your Mobile Phone Bill
If you have an Android device, you should be particularly vigilant about checking your mobile phone bill for any charges you don’t recognize. The vast majority of Android malware is designed to apply illicit charges to your mobile phone bill; usually these charges come in the form of premium text messaging charges. Some users may not notice these text messaging charges for several months, when they are discovered it may be very difficult to dispute them or to determine which application was the cause. Also, be skeptical about any long distance charges or application purchases that you don’t remember or never consented to.
3. Insecure Wireless Networks
Any time you connect your phone to an insecure wireless connection, you are subjecting yourself to risk. Insecure wireless networks are vulnerable to certain exploits that allow attackers to capture your private information. Whether using an Android device, Apple device or personal computer you should never connect to a wireless internet connection that you don’t trust. This includes any public access points that don’t have passwords as well as commonly used access points that have insufficient levels of encryption. Your mobile data plan will normally be much more secure than any wireless connections you can use.
4. Malicious Applications
Some malicious applications are simply designed to damage data on your Android device or to render it inoperable. You can protect yourself against malicious code by simply researching every application you install. You are not likely to acquire this type of malware without having actually installed it yourself, which makes it extremely important to be conscientious about everything you download. Android malware is particularly prevalent on Third-party Android markets, so it is extra important to be careful when downloading from sources outside of Google play.
5. Android Phishing Scams
There are numerous malware applications that request user names and passwords for sensitive accounts including social media, mobile banking, email, etc. These phishing scams are designed to trick you into providing your sensitive log in information to the attacker. The attacker can then use this information to hijack your social media account and potentially hold it for ransom, steal money directly from your bank accounts and even potentially steal your identity. Be extra careful when deciding which applications to provide your sensitive login credentials to. Research any suspicious applications such as popular applications that appear to have a strange developer (example: a Facebook application developed by “Laura Stone” should be considered potentially malicious).
If you suspect your Android device has been compromised, you should back up your data and perform a factory reset. An Android device that has been infected with malware could be sending your confidential information to a third party or racking up charges under your name. Keeping regular backups is an excellent way to protect yourself from losing data under these circumstances.
James Green is a security researcher for Android antivirus company Armor for Android. James has worked in the Android security field for several years and provides privacy and security advice to Android users.