Smartphones Under Fire: Why We Need to Keep Our Android Devices Safe

Credit to Author: Michael Miley| Date: Wed, 06 Sep 2017 13:00:13 +0000

If there’s one thing we know about cybercrimnals it’s that where there’s people and money, they will surely follow. With an estimated 1.4 billion Android devices in use today, it’s not hard to see why they might have your smartphone in their sights. Attacks on Android devices made up 81 percent of mobile attacks last year, as infections reached an all-time-high of 1.35 percent of all devices in October, according to Nokia. Why should we care? Because increasingly we live our digital lives through our mobile devices. If they get hit by the bad guys, it could end up costing us dear.

With smartphone attacks surging 400 percent in 2016, there’s no time to lose.

Android threats are growing

Traditionally, it’s always been fairly easy for developers to upload their apps to Google’s official Play store or the numerous third-party app marketplaces around the world. However, this openness can be problematic for security. Although Google is getting better at vetting apps for potentially malicious content, and removing those that sneak through as soon as it is informed, there’s still a risk that what you choose and install could have malware on it.

Most recently, researchers discovered over 1000 apps infected with SonicSpy, Android malware designed to hijack an infected device to spy on its user, or else make calls and send texts to premium rate numbers. At least three versions found their way onto Google Play. Other examples of recent Android malware include GhostCRL, which allows hackers to remotely control a device; and MilkyDoor, which had up to a million installs on Google Play.

Patching – installing the latest security updates – is one of the easiest things you can do to a PC or mobile device to lower your chances of getting infected by malware. But with the open Android ecosystem there can be issues with patches produced by Google not being implemented by the individual device makers and carriers. Google claimed in its latest Android Security Year in Review report that just half of all Android devices were patched in 2016. Although an improvement on previous years, this figure is way lower than it needs to be.  In fact, less than 3 percent of users are running the latest, most secure OS version.

What’s at stake?

There could be a high price to pay. Hackers know we do everything from check our emails and social media pages, buy goods, watch videos, text our friends and do online banking on our smartphones. That makes the mobile device a prime target for malware and social engineering scams designed to steal or trick us into handing over our log-ins and financial information.

To part us from our hard-earned cash, hackers have developed a range of tools and tactics including banking Trojans, ransomware, spyware, phishing, and premium rate SMS malware.

Threats can come from a variety of places. It might be that unsecured public Wi-Fi hotspot you’ve just logged onto. Or that app you’ve just installed that isn’t what it seemed. It could be hidden in an email attachment or a link in an unsolicited SMS, IM, or social media post. It might even be lurking in a malicious advert on an otherwise legitimate-looking website.

What’s more, if you use the same device to connect to the corporate network at work, you’ll risk spreading any malware infection to the workplace.

Consider too, that many types of undesirable processes on your mobile device can go unnoticed. Big attacks, like ransomware and malware, are obvious, but apps and websites that leak private data, or track more than you want them to, are much more common. Undesirable behaviors, and their negative side-effects, can be so insidious you might never notice them.

Staying safe

One of the reasons mobile threats are so insidious is that we tend to spend less time when we’re on the move considering our actions. When we’re browsing, getting email, using social networks, or texting on our smartphones we’re usually distracted and in a hurry. That makes it easier for the bad guys to trick us into a misplaced click. So, what can we do to stay safe on our mobile devices?

Here’s a few ideas on where to start:

  • Only use the official Google Play store to download apps
  • Always ensure your device’s OS is on the latest version
  • Don’t reveal any sensitive info via things like online banking or checking emails when logged in on public Wi-Fi
  • Don’t click on links or open attachments in unsolicited emails, social media posts, IMs, SMS messages
  • Set a screen lock so no one can access the device if it’s lost or stolen
  • Download security software from a reputable provider to the device. Trend Micro Mobile Security for Android safeguards against malicious apps, fraudulent websites, data theft, unsecured Wi-Fi, dangerous links, and device loss.

With the right tools to hand and a clear head, we can all benefit from the freedom and fun our smartphones provide whilst protecting our digital lives from online threats.

http://feeds.trendmicro.com/TrendMicroSimplySecurity