Nowadays, the term ‘virus’ is more closely associated with the world of technology over the likes of the common cold and as with its biological counterpart it can refer to all manner of ill fates, for your computer or more recently your smartphone.
Lookout Mobile Security featured as one of our chosen apps to help fight against the digital nasties that lurk within the world of Android and iOS. The company's latest report yields some particularly interesting information surrounding the most popular methods of mobile security attacks and how the industry is changing.
The most disturbing developments lie in the business of mobile malware, which Lookout say is fast turning into a profitable illegal industry. The drive to create malicious apps is manifesting itself in numerous ways and the company states that between June 2011 and June 2012, some six million Android users were subject to some form of malicious app, ad scheme or service on their smartphone.
What is a malware?
Malware means malicious software. This term can refer to an application containing a virus or malicious code designed to either damage your device or worse, steal your personal data including contacts, location information and financial details.
One such method of attack which has seen increasing popularity of late has been Toll Fraud: the act of which involves a user clicking on a spurious mobile ad which is tied to automated systems which download malicious software to the users phone. This malware then charges the user and the profits made are split between the distributors of the spurious advertising and writers of the malicious application. The full process is demonstrated in the diagram below.
Despite the increasing dangers of malicious applications, their activity is far more prevalent in select regions in the world such as Russia, Ukraine and China, but the damage done to mobile users in these regions is said to collectively be in the millions of dollars.
The upside to all this is that applications such as Lookout’s are adapting all the time to help counter the new ways in which unsavoury entities operate and scam mobile users. The full report entitled “The State of Mobile Security” can be read here.
Is my Android phone safe?
A recent study conducted by BT revealed that out of 1000 Android applications, more than one third were said to contain some level of ‘malware’. Jill Knesek, BT’s Head of Global Security Practice commented: ”Almost every device is compromised with some kind of malware, although often it’s not clear if that code is active or what it is doing. ”
Now before alarm bells ring, the difficulty with the term ‘malware’ is that its definition isn’t finite. In this survey, Depending on where BT draws the line, any code designed to access personal information, even for legitimate purposes, might have been deemed unsavoury.
What’s more, not all the applications tested may have necessarily heralded from Android’s Google Play store. Why is all of this important? Because understanding what constitutes as a safe or unsafe application should help you discern what to look out for and how best to manage your own device securely.
Why is Android insecure?
Although BlackBerry, iOS and Windows Phone users could all potentially find their phones harbour a virus, it’s the open nature of Android as a mobile operating system that renders it far more susceptible to such troubles. Find out more in Smartphone security: How safe is your operating system?
Not only can users choose to download applications from outside official channels, but Google Play just isn’t as well policed as Apple’s App Store for the presence of spurious applications and dangerous content.
Google has already implemented measures to clean out existing and prevent further dangerous content from appearing on Android’s app marketplace, with numerous security checks and the addition of ‘Bouncer’; a newer part of the app submission process designed to help filter out any sinister developers and their creations.
What can I do to protect my Android device?
First and foremost, no solution guarantees absolute protection, as is the case with PC Antivirus software. With new ways to attack a system being produced all the time, it’s a tricky business to stay abreast of, but companies with experience in this department have already invested time and money into providing a more secure mobile experience through the release of useful information and preventative apps.
1: Download a mobile security app
There are a decent array of mobile security apps, many from brands you’ll likely be familiar with, making serious headway specifically in the mobile space:
- McAfee Antivirus & Security - The free version of this app came pre-installed on Sony Ericsson handsets last year and is available to all Android users from Google Play. You get full protection for a trial period of 7 days, after which you it’ll cost you to keep ahold of the app’s antivirus, remote lock, remote wipe, auto-backup, smartphone locator and remote management capabilities.
- Norton Antivirus & Security - Another widely recognised software security brand that’s entered into the mobile space, their app boasts similar services to McAfee’s with the addition of web browser protection and a ‘lite’ version designed so as not to risk slowing down your device.
- Lookout Security & Antivirus - A personal favourite of ours, Lookout is built from the ground up with mobile devices in mind, Lookout offer an entire suite of apps designed to help prevent attacks on your smartphone or tablet, with a preventative system in place which updates every device running the app with new virus identification libraries, once detected.
2: Check app permissions
If you want to better understand how your smartphone’s content is being accessed, check out the application permissions when you download an app from Google Play. Once you hit the ‘Install’ button but before you ‘accept & download’, you’ll be presented with a list of permissions grouped by categories such as ‘Storage’, ‘System tools’, ‘Network communication’ and ‘Your location.’ If you're not comfortable sharing the information, don't install the app.
3: Switch off 'Unknown sources'
Depending on which version of Android your device runs, you’ll have the option to allow or disallow ‘Unknown sources’ of non-market applications. Clicking allow enables you to find app files such as .APKs from elsewhere on the internet to endow your Android phone with applications unavailable through official Google channels. The downside to this is that such apps are unmoderated and include an increased risk of containing viruses or malware.
For Gingerbread users check Settings > Application Settings and for Ice Cream Sandwich users, head to Settings > Security. If you are in doubt make sure you don't allow permission.