With all of the recent news about mobile security issues, there’s no question that there are plenty of dangers out there for you and your mobile device. So we’re here to help with seven tips on how to keep your smartphone or tablet away from hacking attempts, malware, and general mischief.
By far the most important thing you can do for the safety of your smartphone is avoid apps that aren’t from major app stores, the ones which are responsible for the content they supply. Apple is known to be vigilant about the contents of ifs App Store. Google Play routinely scans the apps its developers offer for malicious code, providing you with a first line of defense against either bad apps or bad developers. Amazon and the major carriers likely do the same with their stores. “Cleaning out” malicious apps protects the people using that store from any number of bugs that might get transmitted in otherwise innocuous software.
Apps downloaded from untested sites, however, could contain just about anything. Even well respected developer sites like “XDA-Developers” aren’t immune to the possibility of someone taking advantage of their community to spread malicious code. And sites which offer pirated or altered software are particularly dangerous, thanks to the already illegal nature of what they offer; seeing the difference between an app which has been “cracked” to run for unpaid users, and one modified to include malicious code, is even more difficult than it sounds. This also includes accepting apps sent to you in other ways: by email, text message, etcetera. Even if they’re well known apps, anything coming from a link that isn’t a trusted store has to be suspect. Even if they’re from your friends, your friends’ email accounts or phone messages could have been compromised along with the rest of their smartphone. Downloading only from trusted sources saves infinite headaches.
Still, despite the risks, maybe you have to download apps from all over the internet. Or maybe you just want to be extra sure that nothing slips by the app stores, even for a few days. Android is particularly prone to security exploits. Your best defense might be one of the many anti-malware apps available for Android. AVG, Avast, Norton, McAfee, Kaspersky, and other well trusted names in anti-malware protection for PCs are also available for Android tablets and smartphones. AVG, for example, is very highly rated by users, with more than 460,000 five-star reviews and an average rating of 4.6 on Google Play. And as a bonus, many anti-malware apps also feature anti-loss/theft options for your device, such as being able to remotely locate it via GPS, lock or wipe the device, et cetera.
3. Keep informed on the latest malware trends
Knowing what kind of malicious software is out there can save you lots of headaches if you accidentally run into it. For instance, one of the more popular scams–one which can’t necessarily be detected by Google Play, even–is “one click billing” fraud. A malicious app directs you to a web page claiming that you’ve just agreed to pay them money via “one click billing.” Usually this scam is associated with adult content, hoping that users will be too embarassed to dispute that they actually agreed to buy anything. And since it’s only a referral to a web page, it’s invisible to apps which scan for malicious code.
Another common type of attack is actually based on the user’s desire for security. The user is informed by a malicious website or advertisement that they have a virus, and given a link to an “antivirus” app. Once installed, the app takes over your smartphone and demands a “registration fee” to let you use your phone again. Once again, only download known names in antivirus, and only from trusted app stores.@@–nextpage–@@
4. Keep an eye on app permissions
When you download a new app–even one from a trusted app store–make sure to check out what permissions it asks for, and that they’re appropriate to its stated functions. For instance, a note-taking application might need permission to use the microphone if it also stores voice notes, but it’s doubtful that it would have a good reason to access your camera or read your phone’s contacts. Innocuous apps can be used for plenty of things apps which might not rise to the level of “malicious software,” but could still endanger your privacy, such as rifling through your contacts or connecting to your Facebook account. If an app doesn’t provide a good reason for any permissions it requires, think twice about whether you really need it or if there’s an alternative.
Although they can be tempting if you’re suffering with limited or slow data service, public WiFi hotspots are also prime places for ill-intentioned people to get access to others’ data. Even something as simple as checking your email could expose passwords that could be used to get access to many of your other online activities. Use the mobile data network if possible; when it isn’t, consider either using a VPN, or making sure that all of your apps and accounts are set to use only encrypted connections. Similarly, public charging stations can be used to access data on your device, or plant malicious software. By connecting your phone via USB to an unknown source, you’re exposing a lot of your phone’s internal workings without protection. Instead, carry your own charger, or a spare battery if that works for your phone.
6. Investigate alternate security apps
If you need or demand even more serious security, there are other apps besides anti-virus which can help, although some of them may require “rooting” your phone in order to use. DroidWall is one of these: a firewall app for your Android device, allowing you to control what applications are allowed to connect to the internet, and when. For example, blocking apps that handle private information from connecting over WiFi hotspots. Or blocking certain apps from communicating at all, to close off potential leaks from apps which really don’t need to be connected. Permissions Denied is another “root” app, which lets you control what permissions apps are actually given, allowing you to “turn off” potential privacy problems, such as blocking an app from using your device’s camera, or accessing other data. Last but not least there are encryption apps available without rooting that can secure your files, photos, even your web browsing, against potential loss or theft of your device.
If you really, absolutely need more security than you can get using an ordinary smartphone, there are options for “hardened” smartphones more secure than the average. One such example is Fortress Fone, a customized Samsung smartphone sold by a company called Ziklag Systems which has been rebuilt with added security features, call encryption, and other protections. Granted, these sorts of devices are overkill for average people, even those who have good reason to need security. Such devices are mostly designed for government and industry, in order to guarantee the security of classified or company-proprietary information. However, if you fall in or near that category, you may find the peace of mind of a “hardened” smartphone to be worth the cost.