How to Protect Your Android Device from Malware
Part of keeping your Android device safe is learning to recognize questionable apps. Apply the same techniques that you use to identify rogue emails from bogus financial institutions, like pixelated, poorly rendering logos, spelling mistakes, and publisher names that don't match the official spelling or wording -- for example, "Blackberry" rather than the official "BlackBerry."
Nov 20, 2013 5:00 AM PT
If you're in the majority of Android users, your smartphone or tablet isn't protected from malware attacks. In fact, Jupiter Research reckons that a full 80 percent of smartphones are unprotected.
Why is that a problem? The answer is that even if your smartphone hasn't been affected so far, it likely will be, and that's because of the vast sums of money motivating criminals to seek out and capture financial data, passcodes, and other potentially profitable information. The more machines, the more money.
Until phone makers address the potential issue more thoroughly, it's in your interest to secure your device with a few easy-to-implement steps.
Step 1: Download apps from trusted sources only.
The Google Play store is a trusted source. It's the official app-distribution channel and it regularly scans apps for malicious code and removes malware apps that it finds. Amazon, meanwhile, says it tests apps before publishing them to its store.
There are other trustworthy sources out there as well, but be aware that most Android malware comes from third-party sites.
Risk Tip: Some app stores may ask you to turn on a device-based setting, which can allow the device to install apps from "unknown" sources. Be aware that this is risky.
Step 2: Avoid sideloading from questionable sources.
Sideloading is the disabling of Android security, downloading and then running of APK files -- look for the .apk extension. APK files are the program files, similar to the EXE files in the Windows OS.
While it's not inherently dangerous to use an APK file rather than the Google Play store to load an app, it is when the source is questionable.
Risk Tip: You can reckon that any source offering paid apps for free is questionable.
Step 3: Learn to identify fake apps.
Apply the same techniques that you use to identify rogue emails from bogus financial institutions, like pixelated, poorly rendering logos, spelling mistakes, and publisher names that don't match the official spelling or wording -- for example, "Blackberry" rather than the official "BlackBerry."
Risk Tip: Some organizations outsource their app development, resulting in mismatched publisher names. Perform a Google search on the labeled publisher and gauge the app's legitimacy based on that.
Step 4: Question apps that don't appear to do much.
Read through the app reviews in the Google Play store. Make sure that the user reviews indicate that the app does what it says it does.
Risk Tip: Apps that request your email can be the source of annoying promotional mailings.
Step 5: Install security software.
Major PC security vendors like AVG and Norton make antivirus apps for Android too. The apps detect and remove viruses, malware and spyware. They often also have additional benefits that make handing over any money more palatable, like phone locating via Google Maps and locking or wiping functions.
Want to Ask a Tech Question?Is there a piece of tech you'd like to know how to operate properly? Is there a gadget that's got you confounded? Please send your tech questions to me, and I'll try to answer as many as possible in this column.
And use the Talkback feature below to add your comments!