Photo (cc) by Chingster23
It’s easy to forget that your handy little smartphone is really a miniature computer. Easy, at least, until you download a malware-infected app and the phone starts sucking battery power and burning through the data plan.
Some infections on mobile devices bombard you with ads or lock up your data and demand a ransom to get it back. Others take over your contact list, distributing infected emails to everyone in your network. Still others get hold of your bank account transaction text messages and use them to commit bank fraud.
Phones, pads and tablets, just like laptops and PCs, are juicy targets for bad guys and evil software. Some hijack your phone and use it to make money. Some steal your personal information. Others simply enjoy wreaking havoc.
Take, for example, a game app called Prized. The app was supposed to let users play video games, fill out online surveys and download affiliated apps to earn points redeemable for gift cards and prizes.
Unknown to users, however, Prized took control of their phones to “mine” for virtual currency. Baffled? Me, too. But the Federal Trade Commission and New Jersey authorities explain in court documents how this works:
Virtual currencies are created on peer-to-peer networks through a competitive process called “mining.” As more people join the network, the challenge of mining gets tougher. Miners need faster and more advanced computing to make a profit.
Mining can be done by linking computers in pools to solve complex problems, earning the valuable currency faster, says Ars Technica, a technology geek site.
Ohio-based Equiliv Investments, which produced Prized, recently was charged in federal court with abusing users’ phones and settled with the FTC by agreeing to a ban on creating or distributing malware.
Android devices hit most
Attacks on mobile devices rose 25 percent in 2014 from the year before, reports Alcatel-Lucent, the French telecommunications company. IPhones and iPads are considered less vulnerable, but devices using Google’s Android, the most popular mobile operating system, are frequent targets of attacks. According to Symantec, maker of Norton security software:
In 2014, Symantec found that 17 percent of all Android apps (nearly 1 million total) were actually malware in disguise. Additionally, grayware apps, which aren’t malicious by design but do annoying and inadvertently harmful things like track user behavior, accounted for 36 percent of all mobile apps.
Android devices have now caught up with Windows laptops, which had been the primary workhorse of cyber crime, with infection rates between Android and Windows devices split 50/50 in 2014. While less than 1 percent of infections come from iPhone and Blackberry smartphones, new vulnerabilities emerged last year to show they are not immune to malware threats.
How to protect yourself
Much of the damage done by rogue software can be prevented by taking these simple security precautions:
1. Install operating system updates
Download your device’s software updates as soon as they are available to take advantage of security improvements from the device manufacturer.
2. Download apps only from trusted sites
Avoid downloading mobile software from unknown sources. Risky sources include alternate Android app markets, links you receive in email, Bit Torrent sites and even apps downloaded from an app maker’s website. Stick to apps from the Google Play store and Apple’s App Store.
Before downloading, read online reviews of the app and the developer. Teach your kids how to do their own research.
4. Know your phone
If your phone runs slow or hot or loses battery power, go into its settings to see which apps are using data and battery power and remove the hogs.
5. Just say no
When Apple iOS apps ask permission to use parts of your phone like your contacts or location, stop and think. Don’t allow access unless the app needs it to function.
6. Get serious with passwords
Use strong passwords on your device and accounts. (Symantec’s free Norton Identity Safe Password Generator is an easy way to create hard-to-crack passwords).
7. Store passwords securely
Strong passwords aren’t enough. Store passwords securely, in a safe or locked box off-line. Or use password manager software. Lifehacker reviews 5 Best Password Managers and The New York Times also reviews options.
8. Back up data to the cloud
Back up mobile devices to the cloud so your data is available in case you lose it to a malware attack. PC Magazine’s “The Best Cloud Storage Services for 2015″ compares free storage options. Google Drive and Microsoft One Drive are the champs, with 15 gigabytes of free storage each.
What thought do you give to downloading new apps to your phone? What security measures do you take? Share with us in comments below or on our Facebook page.