With new apps being released into the google play store and apple store regularly (111 on google play and 31 on the apple store in August alone). It is hard to keep track of which applications are safe, trusted, and can be installed on our devices with confidence.
It is important to note that not all apps that are a security risk are malicious in nature. It is easy to overlook secure coding practices when deadlines are looming. LucidCoast works with app developers to determine if there are security flaws in their mobile applications. Contact us for a free consultation.
Apple and Google are fairly good at keeping apps that have malware and ties to hacking organizations out of their respective stores. However as seen in the news, not every malicious app is caught right away.
“Joker malware pretends to be a legitimate app in the Play Store but after installation conducts billing fraud” “Of the six apps uncovered as delivering Joker, one called ‘Convenient Scanner 2’ has been downloaded over 100,000 times alone, while ‘Separate Doc Scanner’ has been downloaded by 50,000 users.” – Danny Palmer ZDNet
What can criminals do with your infected device?
⦁ Steal your contacts and sensitive photos
⦁ Follow your every move with a location tracker
⦁ Read your private text messages
⦁ Save your passwords after you type them in
⦁ Jack up your phone bill with SMS messages to premium numbers
⦁ Go on shopping sprees with your bank account
How can I stay safe?
While it does take a few more seconds before you download that next app, there are steps that you can take that will save you from headaches in the future. Three things to remember are.
⦁ Avoid third-party app stores
⦁ Look out for fake or malicious apps
⦁ Check the app for appropriate permissions
Third-Party Apps
Not all third-party apps are malicious, in fact, there are times that a new gizmo you have purchased while require you to download their app to control it. Oftentimes these are not in Google or Apple stores. However, we want to be wary of downloading apps from untrusted sources (strange websites).
Fake apps and Scams
There are a few ways that we can spot fake or malicious apps.
⦁ Check who the developer is
⦁ The number of downloads
⦁ Read the reviews!
⦁ Spelling errors
If the app you want to download has very few downloads, close to no reviews (or reviews that seem staged), and spelling errors. Then it is probably worth skipping. While this is not a complete list, it will help you to be well on your way to staying safe while downloading apps on your device.
App Permissions
When it comes to app permissions, it is no secret that most of us click on whatever button that finally allows us to use the app that we have just installed. It is time to break that habit!
Be aware of permission requests from apps that do not match up with the intended purpose of the application itself. A dictation app that records your voice may need access to your microphone, but shouldn’t need access to your camera, location, contacts, or information about the phone calls that you make.
Somewhat related to your apps permissions is the privacy policy. You know it, I know it… Most of us overlook or scan it briefly so that we can get to using the newly installed app. Believe it or not, it is actually important to read the privacy policy! Luckily we only have to look for a few things. What data is being collected and why, what will it do with that data, and is that an acceptable trade-off for you?
LucidCoast utilizes MaaS360 with Watson to secure our clients’ mobile and BYOD (bring your own device) infrastructure. “MaaS360 secures and contains data accessed by users, keeping corporate apps and content separated while allowing for easy removal and access revocation.” Contact us for a free consultation.
Together we can help to make your mobile devices and the Internet a safer place to work and play.
