Knowledge Base
Community

How to Stay Safe & Avoid Viruses on Your Mobile Phone

grand master

 

 

Smartphones.jpgSmartphones are gradually overtaking PCs and laptops as our primary computing platforms. With their speedy quad-core processors, advanced display technologies and powerful operating system software, the smartphone has now become a device through which we conduct day-to-day commerce, online banking and healthcare. Our smartphones are also known to interface with a range of other electronic devices including televisions, cars, vacuum cleaners and more.

 

With many smartphones now containing reams of personal data and regularly being used for sensitive things such as online shopping, banking and healthcare, it’s never been more important to think about the smartphone security. A vital part of this is ensuring that you stay away from malicious applications and that your phone remains free from viruses.

 

In this article, we discuss how to keep your phone safe and free from viruses.

 

Stick to Official Application Stores

 

App Store.jpgRegardless of whether you’ve got an iPhone, Android or BlackBerry, your mobile phone operating system will come with its own official app store. Official app stores include App Store on iPhone, Google Play on Android, App World on BlackBerry and Marketplace on Windows Phone. These are typically available through an icon on your smartphone’s main navigation menu.

 

Whenever possible, we recommend getting your applications from one of these official stores. Whilst it’s possible to get your apps from elsewhere (for example by downloading an .apk file on Android), you may be more likely to come across malicious software or viruses elsewhere. Official application stores tend to be safer as they have review processes: Apple review each application manually before it’s made available on the iTunes App Store whereas Google use automated software dubbed ‘Bouncer’ to test for malicious software. This isn’t foolproof, however, and things can still get through so we still recommend exercising some caution.

 

Once you’ve found an application on your phone’s app store (see screenshot on right), we recommend checking the following things:

 

  • Google Play.jpgCheck the name of the developer of the software. This can be a dead giveaway for malicious applications. Make sure you grab the correct application from the official developer: for example the Facebook application should be from “Facebook”, the Google Maps application from “Google Inc.” and Angry Birds from “Rovio Mobile Ltd”. Applications from top developers will also have a blue badge next to their name.

  • Check the number of downloads the application has had. This gives you an indication of how long it has been available and how many other people have tested it. Generally it should be fairly safe to install applications which have had over 100,000 downloads.

  • Check the star rating of the application. By sticking to applications with a high rating, you can keep yourself away from badly written, buggy and malicious applications. We recommend applications with a rating of at least 3 out of 5.

  • Check the comments and reviews. If it’s a malicious application, there will often be negative comments or reviews.

  • Find an official link. For particularly sensitive and important applications such as online banking, it is recommended to follow a link to the download page from your bank’s official website. This will ensure that the application you’ve downloaded is the official one.

Check Application Permissions

 

Android runs every application in its own sandbox environment. Rather than giving every application full control over your entire device, each application must request those permissions individually during installation. You should pay close attention to the requested permissions when installing a new application - this can go a long way to keeping you out of trouble.


Permissions List.jpgPermissioms Info.jpg
Pay careful attention to the required permissions when installing a new application.

 

In particular, you should keep an eye out for applications that request the ability to send text messages and make phone calls. You should also be wary of applications that request access to read your SMS text messages, the contents of your SD card and address book. Whilst there are legitimate uses for these permissions, it’s worth asking yourself whether the applications really need them.

 

For example, a torch light application shouldn’t request to access your text messages – this is a clear warning sign of a malicious application. Similarly, pay careful attention to applications that request access to the internet. Whilst there are many legitimate reasons for applications to access the internet, they can also use this privilege to “phone home” with your personal information.

 

Avoid Jailbreaking and Rooting Your Phone

 

Astley Virus.jpgMobile phone manufacturers typically restrict what you can do with your phone for security purposes. For example, you typically won’t be able to modify the operating system software nor will you be able to access key system files. By limiting what you can do on your phone, manufacturers can help to protect your security and personal information.

 

The process of circumventing these restrictions is called “jailbreaking” (iPhone) or “rooting” (Android). By jailbreaking or rooting your device, you can remove the restrictions that prevent you from unlocking, sideloading custom applications or installing custom ROMs (customised operating system software) on your device. Whilst this can be a boon for power users who like to customise every aspect of their phone, rooting and jailbreaking can also introduces significant security risks too.

 

By rooting or jailbreaking your handset, you remove many of your phone’s built-in security safeguards. This can allow malicious applications to burrow themselves into the operating system and take over your phone. Examples include the “Rick Astley” iPhone worm which took advantage of a vulnerability in jailbroken iPhones to change the user’s wallpaper to Rick Astley. A much scarier example is an Android hack whereby researchers were able to break into the Google Wallet NFC payment system on a rooted Android device. With this vulnerability, hackers could potentially access your credit card data and purchase history.

 

Download an Anti-Virus Application

 

As an extra layer of protection for your smartphone, consider downloading an anti-virus application. Anti-virus applications can scan all of the applications that you download for malicious code and known viruses. There are over 20 anti-virus applications to choose from but popular ones include Avast, McAfee Mobile Security, Kapersky Mobile Security and Lookout. Many of these apps also include additional features such as the ability to remotely track your phone if it gets lost or stolen. PC Advisor has a great comparison and review of the main Android anti-virus apps.

 

Update your Operating System regularly

 

Operating Systems.jpgTo ensure that any known security vulnerabilities are closed off on your device, you should update the operating system software on a regular basis. You can do this by connecting your phone to a computer and running the relevant update software (e.g. Apple iTunes, Samsung Kies). Alternatively, you may be able to perform an over-the-air (OTA) update through the ‘Settings’ menu on your phone.

 

Unfortunately, it is not always possible to update to the latest version of Android on all devices. This is due to incompatibilities caused by user interface layers and customisations such as TouchWiz and Sense UI. This is one common criticism of Android device manufacturers who do not provide timely software updates.

 

Your thoughts…

 

In this article, we’ve discussed five key ways to keep your smartphone safe from malicious applications and viruses.

 

Have you had any experiences with malicious applications on your phone? What are your top tips for keeping your phone safe and secure? Have you jailbroken or rooted your device? If so, are you worried about the security implications? We’d love to hear your thoughts… please drop us a comment below and let us know what you think!

 

Ken Lo writes about mobile technology and the mobile industry at Ken's Tech Tips.

21 Comments
navigator

There is a bit of a contradiction here, because you need a rooted phone in order to use the full capabilities of Avast. The firewall for example cannot be activated unless your phone is rooted.

novice

There are legitimate reasons to root phones, including as mentioned in the comment above some firewall features that require root access to operate. 


If (like me) you own a rooted android phone, it's worth just executing a small amount of common sense. the root application i use comes with the same level of multi-user access (UAC) as is standard in any Linux system (What android runs on) and requires user feedback before root access rights are granted, If refused, the process requesting it wont receive elevated privileges.
If an app you install requests root access and you know of no reason why it should, refuse it. Also refuse to grant root access when prompted randomly at any time unless it's directly related to something you have done, know and trust to be safe. 


Another point worth noting, the Flash memory on android phones (at least the ones I've come across) where the system folder resides, are by default read only. So unless you change it (not something you can do by mistake) it's unlikely that anything nasty can set up home in there. However, on a rooted phone, it is possible for an application to change that, so again, always pay attention and never grant root access if prompted out of the blue, and only to an application you run if you're 110% sure it's safe to do so.

 

it's also worth disabling the '3rd party apps' option in your settings, this stops you from installing non-official apps by accident. (at least until you need it for something)
Lookout is also worth putting on your phone, it will scan apps that you install to your phone from google play to see if they do anything untoward.

 

 

counsellor

"How to not get a virus on your phone" - Get an iPhone

Steve Jobs explained about this and what Apple do that Google don't, quite an interesting watch

 

 

expert

Certainly a good idea to keep a check on developers and stick to official app stores. You are asking for trouble with external ones sometimes.

consultant

good read, we need more articles like this...

consultant

and the video too...

this is really good stuff, i didnt even realise you could get virus' on phones. ill be careful from now on. thanks

oracle

Cor!! ,, It's like reading three blogs in one here....

 

  • excellent as usual from kenlo
  • mini blog with excellent supporting info from tytiger who's only been with us three days
  • and a Top vid from samlowe

good stuff!! Thanks guys

 

rg6
graduate

Good advice, thanks.  I'd also recommend regularly clearing your browser history, especially after making any online purchases.  History Eraser is a good free Android app.

kingpin

rooting your phone makes no difference as pretty much any method of rooting installs superuser which allows you to choose which apps can use root access.