While most apps on the market are legitimate, mobile devices have become a targeted platform for malware. It’s becoming more and more common for cybercriminals to corrupt a legitimate app with hidden malicious functionality. These illegitimate and compromised mobile apps are designed to steal information from smartphones, or to send out expensive text messages without a user’s consent. Dangerous apps are usually offered for free and masquerade as fun applications such as games, calendar and comedy apps. Another nasty trick is to pull a legitimate app off of one marketplace, insert malware into it and then re-publish it on other marketplaces or sites with a similar name.
Today, McAfee released some common-sense practices that anyone can take to help protect their smartphones and tablets from the growing threat of malware and the persistent threat of unsecured devices.
For the moment, the amount of detected smartphone malware is relatively low compared to malware that targets desktop or laptop PCs; but being aware that it exists is the first step toward protecting yourself and your data.
Research apps and their publishers thoroughly and check the ratings – better to install apps that are broadly used in the market or are recommended by your circle of friends and colleagues.
It is wise to purchase from a well-known, reputable app marketplace, such as Google’s Android Market or Apple’s App Store. One way for Android users to avoid installation of non-market applications is to de-select the “Unknown sources” option in the Applications Settings menu on their device. If the option is not listed, it means your mobile service provider has already done this for you.
When you install an app, you’ll see a list of permissions for services that are granted access to the hardware and software components on your device, like contacts, camera and location. If something in the permissions screen doesn’t look right, don’t install that app! For example, a game or alarm clock app probably doesn’t need to access your contacts or have the ability to transmit that data from your device.
Install antivirus software on your phone. It is a good idea to install an antivirus program when you get a new mobile device before you add any other apps.
One way to find out if your device has been infected by a bad app is to keep an eye on your wireless bill. Some rogue apps do things like make expensive calls to foreign numbers to fatten the bank account of various intermediary sites at your expense. Often the calls happen in the background or at times when you don’t realize your phone is doing something. Even if you haven’t been infected, you may have unwittingly subscribed to one of those annoying services that automatically bill you every month for things like ring tones, so check the bill every month; it only takes a few minutes.
McAfee can help users protect their mobile device and the mobile apps that reside on the device with McAfee Mobile Security and McAfee App Alert (beta). To learn more about these solutions, visit http://www.mcafee.com/mobilesecurity/.
By: John Dasher