How to prevent malware attacks on android

Mobile malware is malicious software created specifically to attack mobile devices, such as smartphones and tablets, with the goal of gaining access to private data.

Table of Contents Show

1. Protect your device as if it were a computer
2. Pay attention to the security of WI-FI networks you use to access data
3. Establish and enforce bring-your-own-device (BYOD) policies
5. Encrypt your devices
6. Make sure applications are from trusted sources
7. Create a strong password
8. Be wary of text messages
9. Check your browser for the padlock symbol
10. Check the permissions of installed applications
Lock Your Phone
Enable Encryption Chip
Verify Apps
Use Anti-Malware Softwae
Disable Bluetooth Connectivity

While mobile malware is not currently as widespread as malware that attacks computers, this is a growing threat because many companies currently allow employees to access corporate networks via personal devices, potentially bringing unknown threats to the environment.

Here are some recommendations to prevent a malware attack on your mobile devices:

1. Protect your device as if it were a computer

It is important to recognize that a mobile device is a computer and, as such, applications or games can be malicious, and it’s always recommended to check the source. A good practical rule: if an application is asking for more than what’s necessary, you should not install it.

2. Pay attention to the security of WI-FI networks you use to access data

In general, Wi-Fi networks are insecure. For example, if a user is accessing corporate data using a free Wi-Fi connection at an airport, the data may be exposed to malicious users who exploit wireless traffic at the same access point. Companies should develop acceptable usage policies, provide VPN technology, and require users to connect via these secure means.

Everything you should know when using a VPN.

3. Establish and enforce bring-your-own-device (BYOD) policies

BYOD can be advantageous for users and businesses but may result in additional risk. Ask yourself: How can I control a device owned and managed by a user that requires access to my corporate network? Employees are often the best defence to combat the theft of confidential data. Employees using their own mobile devices must follow policies that keep the company in compliance with regulatory requirements.

That sounds easier than it really is. In the Android ecosystem, updates can be blocked in several ways: by Google (which updates the operating system); by the manufacturer of the device (who may decide to release updates only for the latest models); or by the mobile operator (which may not increase the bandwidth on your network to support updates). Without the ability to update the Android operating system, your device is vulnerable to possible exploits. Search mobile operators and manufacturers to find out which ones provide updates, and which don’t.

5. Encrypt your devices

The risk of losing a device is still greater than the risk of malware infection. Protecting your devices by fully encrypting them makes it very difficult for someone to hack into and steal the data. Setting a strong password for the device, as well as for the SIM card, is mandatory.

6. Make sure applications are from trusted sources

Popular shopping sites, such as Amazon or eBay, have their own mobile apps. If you want to use these apps, make sure they’re the company’s official apps before you start downloading. This can be done by checking developer information and user reviews on the download page. Do not install applications that are not in official stores.

7. Create a strong password

Users can create a strong password on their smartphones. If a password attempt fails a certain number of times, the phone will be locked, disabled, and in some cases all data will be erased

8. Be wary of text messages

Text messages are an easy target for mobile malware, so it is advisable that users do not send sensitive data, such as credit card details or important private information by text.

9. Check your browser for the padlock symbol

The padlock icon in the browser’s address bar indicates that you are on a secure connection from an encryption standpoint. Check for the padlock when entering personal data, such as your address or payment information, or sending e-mails from your smartphone’s browser.

10. Check the permissions of installed applications

Sometimes we give access to the camera, microphone, photos, or location, and other features to an application that temporarily needs that access, and we never remove it again. You can and should check regularly which applications have access and if you need to disable them and remove them. For example, instead of giving an app permanent access to your photos, you can choose to share that image from the photo manager for that app. This way, the app will only have access to photos that are shared with it. Location access can also be limited to only when the application is running, thereby reducing the risk of exposure.

Written by a NortonLifeLock employee

The security argument between Apple’s iOS and Google’s Android system for smartphones is heating up yet again. In a recent study conducted by Daniel R. Thomas, Alastair R. Beresford, and Andrew Rice at the University of Cambridge, research concluded that 90 percent of Android devices are exposed to at least one critical vulnerability.

Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.

The threat model was constructed using three common attack vectors: installation attack (malicious codes installed through app download); dynamic code loading (an existing app downloads new malicious codes); and injection (an attacker injects malicious codes directly into the device’s existing system).

Each of these threats requires regular updates and patches from both the manufacturers and the software companies. However, Android devices receive an average of only 1.26 updates per year to fix these evolving threats.

According to the report, “there is information asymmetry between the manufacturer, who knows whether the device is currently secure and will receive updates, and the consumer, who does not.”

The bottom line is that Android users must be more careful about how they use their devices, and take extra precautions in securing their personal data.

Lock Your Phone

The first thing you can do to increase the security of your Android device is to make sure you’ve set up the lock screen. This is done by setting a PIN, pattern, or password and keeps physical attackers from easily gaining access to your phone. While this will not protect you from online threats, it will keep your personal information safe if you lose or temporarily misplace your phone.

Enable Encryption Chip

Next, consider enabling the phone’s storage encryption. Depending on the age of your device and the associated features, you may or may not be able to enable the encryption chip. This feature is much more secure than the average lock screen feature and requires a two-step authentication password to use the device. Older operating systems often have trouble with this feature, causing the phone’s processing to slow considerably. Look at what’s available, and make your decision based on the level of threat you think you might encounter.

Verify Apps

Always verify apps before you install them on your phone. There are third-party applications available outside of the Google Play Store. While some of these applications are harmless, others may contain the malicious codes addressed in the Cambridge study. Check and verify the third-party application before you install. If you’re not completely sure it’s safe, don’t risk your personal or company’s information by allowing the app on your device.

Use Anti-Malware Softwae

Install a reputable anti-malware app from a trusted and secure source such as Norton Mobile Security. Every time you download a new app, run a scan to verify the download was successful and did not contain any malicious codes. Malware has been particularly popular on Android devices.

Disable Bluetooth Connectivity

Disable Bluetooth connectivity when you’re out in public. Bluetooth allows your phone to connect wirelessly with other smart electronics—and enables other people to connect to your device without your permission if it’s left on and unattended. Attackers could be anywhere, from the local coffee shop you frequent, to the coin laundry spot you use around the corner.

Leaving your Bluetooth on puts you and your personal information at a huge disadvantage.You can take advantage of all of these security features today. Until Android begins to provide regular patches and updates for it’s security issues, users will have to remain vigilant and proactive about personal phone security.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.