How to stop getting malware on Android
Should you be worried about Android malware? Well, yes and no. “Yes” in that it most definitely is out there, but “no” in the sense that as long as you follow a few simple rules, you should be pretty safe.
Unlike a desktop computer, Android phones provide a more walled garden approach to security, blocking the amount of damage you can do unless you specifically go out of your way to disable them. On a PC, visiting the wrong website could send a “drive-by” download and put your computer at risk. On Android, that isn’t the case by default, and as such, it’s a far less attractive proposition to ne’er do wells: there’s just less chance of the strategy working.
Google scans everything uploaded to the Google Play app store for known malware, and a human reviews process to check the more questionable looking uploads. The real risks come from installing applications obtained from outside of Google Play.
So here are five tips to avoid getting malware on Android. TL;DR: practice some common sense.
How to stop getting malware on Android
Stick to reputable app stores
Google scans every app uploaded to the Google Play store and has a human review process for anything suspicious. The Amazon app store is a good alternative, and often offers tempting deals on apps. Both are pretty trustworthy.
However, search for any well-known app in Google, and you’ll find plenty of sketchy looking download mirrors. The trouble with this is that they might not deliver what they promise, or they might deliver exactly what they promise but with a little extra thrown in. Before Pokemon Go was released in the UK and everyone was resorting to downloading the American APK file, Proofpoint discovered a version of the game which worked fine… but had an additional malware surprise.
Even in those instances where there’s a must-have piece of software not available on the store yet, use a little bit of common sense and look for reputable sources – like Alphr – endorsing them, as we did with Pokemon Go.
Don’t allow unknown sources
By default, you can’t install any .APK files directly to an Android phone. However, it’s really easy to disable this and leave your phone open to malicious files, so unless you have a really good reason to do so, switch it off.
You’ll find the option in the Security submenu of the Android settings screen. Just untick the box labeled “Unknown sources – Allow installation of apps from sources other than the Play Store.”
Check the permissions
When you’re downloading an app from anywhere – Play Store or straight off the net – you’ll be presented with a list of features the app wants access to. By accepting, you’re giving the app the freedom to access these things.
Some will ask permission to access your camera, others want to access an internet connection, some want to read your contacts, a few will want to record keystrokes, and so on. Usually, they’ll want a combination of permissions.
Some are legitimate, but scary sounding. A keyboard app needs to record keystrokes, but a camera app? Probably not. Be vigilant.
Avoid rooting your handset
Even if you do accidently manage to get some Android malware, there are still limits to what it can do thanks to Android’s built-in protections.
These go out of the window if you root your phone.
Rooting means giving the OS root access – like being the administrator on a PC, rather than just a regular logged in user. It’s necessary for a few things, like adding custom ROMs and advanced functionality, but for most people it isn’t necessary.
Again, if you can’t think of a good reason to root, then it’s best not to bother.
For extra peace of mind, get a virus scanner
If you still feel panicked at the idea of getting malware on your Android phone, there is always anti-virus protection on the Google Play store to download. Especially handy if you like to live dangerously and shop away from the mainstream app stores.
Check the reviews and find one that won’t slow down your handset too much, and stick to the usual vendors with a good reputation: AVG, Lookout, Symantec, ESET, etc.
Still, while the Android phone in your pocket is of increasingly similar specs to desktops and laptops, they’re far less open. This makes malicious malware manufacturers’ job a lot harder. If you exercise some common sense and caution, it’s very difficult for them to get too far.
Just don’t get too complacent.
Images: and Christiaan Colen and NoRebbo used under Creative Commons